One Comment

  1. You’re right, these so-called second-factors are not really a proper second factor when the new data is sent over the same channel.

    One example of two-factor authentication that works pretty well, is the use of cellular phones. I go to my bank’s website, log in, then they call me before allowing me access to my account. This of course, brings about a new problem — I must always have my phone ready.

    This is not fool-proof either, and I have yet to see any phishing “solutions” that are. Until there is a general-case solution, we just keep trying new things and use solutions to protect specific types of phishing attacks.

Comments are closed.