On Tue, Aug 6, 2024 at 4:25 AM Kevin Price <k...@osnanet.de> wrote: > > [...] > > 2FA is intended to raise the bar of stealing your login from just one > leaked known secret (username/passphrase) to two _strictly_ separate > bars. The latter must not be yet another secret, but might be physical > custody of some given device. In that way, a merely leaked passphrase > won't give immediate access to your login, neither would that device, if > only that was stolen.
The three security properties of a second factor are: 1. entropy 2. replay resistance 3. phishing resistance Jeff
