• Hotzilla@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    8 months ago

    Sorry, as IT person I have to disagree, app based MFA is just way much easier to maintain instead of HW keys.

    Edit: forgot to mention that in Finland companies here has to provide phone if your work require that. In IT I don’t want nothing to do with users personal devices, and it sounds insane to me that in US companies force apps to your personal devices.

      • bus_factor@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        ·
        8 months ago

        They’re talking about operationally. They don’t want to configure and distribute a bajillion dongles to users.

      • derpgon@programming.dev
        link
        fedilink
        English
        arrow-up
        9
        ·
        8 months ago

        Open an app, find the one number for your specific app among the bajillion you have, oh the timer is almost out and you forgot halfway through, tap back in the app, oh the fucking app scroll all the way to the top again.

      • HeavyDogFeet@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        8 months ago

        Often times, yes. I don’t want to always have to have a USB key on me, but I always have access to MFA apps via my phone, watch, or laptop. I have no idea why you’re typing the code out instead of copying and pasting.

      • daq@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        Pretty sure he’s talking about mfa that just asks for confirmation whether that’s you logging in on the phone. No typing required.

    • MSids@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      8 months ago

      App-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.