• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

What is your preferred two factor authentication method?

Status
Not open for further replies.
G

GWestphal

Golden Member
I like google authenticator a lot and wish every website would offer it. Seems like half of banks don't have anything and the other half do text codes. For some reason I really don't like the text code idea, don't know why.

I would be in favor of a single username and password for everything + unique two factor code. Would that be secure enough? It would be so nice to only have to remember one password.

Places that still need two factor auth: my banks, each online credit card transaction, logmein, possible option for OSes, every cloud based anything, pretty much every website with a login should have the option.

I would move this to security but you already have a thread there.
admin allisolm
 
Last edited by a moderator:
I use a physical keyfob for paypal as an extra layer of security. It should be required for any type of account involving money IMO.
 
What's a text code? Google texts me my authentication code when I log in from a new computer. That's not a text code?
 
Yes, that's what I meant by text code, a code sent in a text message. I just don't like the idea for some reason, I much prefer to have a generator on my phone vs having a text sent, because sometimes they are delayed for whatever reason. I also dislike having addition things on my keychain so I don't like having and RSA key. It's easy to do on cell phone, all the software is free and open source for clients and servers, it really shouldn't be hard for anyone to implement the google authenticator compatible version. Heck someone should take the google authenticator open source and roll it into a non-google version that can be part of openid or openauth or some such so people don't say "oh noes, but google knows everything".
 
GWestphal said:
Yes, that's what I meant by text code, a code sent in a text message. I just don't like the idea for some reason, I much prefer to have a generator on my phone vs having a text sent, because sometimes they are delayed for whatever reason. I also dislike having addition things on my keychain so I don't like having and RSA key. It's easy to do on cell phone, all the software is free and open source for clients and servers, it really shouldn't be hard for anyone to implement the google authenticator compatible version. Heck someone should take the google authenticator open source and roll it into a non-google version that can be part of openid or openauth or some such so people don't say "oh noes, but google knows everything".
Click to expand...

Google (and others like MS) are just using the RFC 6238 spec.

http://tools.ietf.org/html/rfc6238
 
Status
Not open for further replies.

TRENDING THREADS

Back
Top