Idiotic security measures
-
So I use two-factor authentication to log into the financial institution that has all my moneys. To simplify recovering from typos, on the first page I give my userid and fixed password, then they prompt me for the rotating code:
Why on earth are they obscuring the digits? If an attacker were shoulder-surfing me, what use would a 30-second single-use code be to them?
And if they were shoulder-surfing me, wouldn't they just read the digits off of the device I was copying the number from?
-
@greybeard said in Idiotic security measures:
wouldn't they just read the digits off of the device I was copying the number from?
They need to obscure the numbers on the device as well! Security!
-
@dkf said in Idiotic security measures:
@greybeard said in Idiotic security measures:
wouldn't they just read the digits off of the device I was copying the number from?
They need to obscure the numbers on the device as well! Security!
-
@dkf said in Idiotic security measures:
@greybeard said in Idiotic security measures:
wouldn't they just read the digits off of the device I was copying the number from?
They need to obscure the numbers on the device as well! Security!
But
hunter2
isn't numeric!
-
@dcon They use a special device for that