Discussion in 'privacy technology' started by ronjor, Sep 14, 2017.
By Markus Jakobsson on September 14, 2017
Not all 2FA is equal. Everyone knows SMS (and biometrics) is a disaster area.
Yet the adoption of the cheap and relatively privacy friendly U2F dongle (Fido, which is not just Google), has been glacial in the market. And the reason for this is that the corporates desperately want your mobile phone number and hopefully face-print and finger-print, because they then "have" you. With a U2F dongle they don't - who cares that their schemes are inadequate because they don't get hit with sufficient liability claims.
When you turn a new iphone on for the first time it is like being arrested.
Put your thumb here. Turn your thumb this way turn your thumb that way.
Hold the phone while it takes your picture.
Speak this phrase into the phone so it can collect your voice sample.
Its almost funny, but not.
U2F all the way!
I use Yubikey.
Separate names with a comma.