• You’re right, these so-called second-factors are not really a proper second factor when the new data is sent over the same channel.

    One example of two-factor authentication that works pretty well, is the use of cellular phones. I go to my bank’s website, log in, then they call me before allowing me access to my account. This of course, brings about a new problem — I must always have my phone ready.

    This is not fool-proof either, and I have yet to see any phishing “solutions” that are. Until there is a general-case solution, we just keep trying new things and use solutions to protect specific types of phishing attacks.

Comments are closed.


All opinions are my own, and not necessarily those of Thomson Reuters.



RSS loose wire blog