mobile phone + password = 2 factor auth?
Seth Vidal
skvidal at fedoraproject.org
Tue May 26 15:11:20 UTC 2009
On Tue, 26 May 2009, Bryan Kearney wrote:
> Seth Vidal wrote:
>>
>>
>> On Tue, 26 May 2009, Bryan Kearney wrote:
>>
>>> Seth Vidal wrote:
>>>> Now, my question is - what is dangerous/silly about this?
>>>
>>>
>>> Luddites like me who have disabled text messages on their phones.
>>>
>>
>> Well your options would eventually be:
>> - enable txt msgs
>> - carry a yubikey with you everywhere
>
> As long as I get a non-text msg version I am fine. To your original
> question... things to consider:
>
> 1) Cost of sending SMS.
> 2) How to prove that bkearney at foo.com == 555-1212
>
1. acknowledged - but we know there is a cost to the hardware keys, too.
2. you prove that they are related the same way that I prove that when we
issue a hw key to skvidal at fedoraproject.org that it goes to ME.
-sv
More information about the infrastructure
mailing list