Its called two step verification. Prevents someone from “guessing” the password ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		joshribakoff on July 3, 2024 \| parent \| context \| favorite \| on: Show HN: Faktor – The missing 2FA code autocomplet... Its called two step verification. Prevents someone from “guessing” the password but doesn’t stop someone who has physical access to the device with the password stored. Same as with e-mail or SMS codes, basically. I don’t think i recall any websites that detect i am using my phone and rely on a true “second factor” aside from enterprise applications where i got a hardware yubi key.

marcrosoft on July 4, 2024 [–]

It is called 2 factor or multi-factor authentication. It should be something you know (password) and something you have (device). Storing totp with your password defeats the entire point of it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact