296

submitted 1 month ago by TehBamski@lemmy.world to c/cybersecuritymemes@lemmy.world

49 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] jj4211@lemmy.world 6 points 1 month ago

While true, other scenarios do come into play, like "I'm using a FIDO key but I dropped it down a storm drain". Meaning you pretty much have to provide some recovery mechanism, since you can't really require the user to have a backup device.

[-] RecluseRamble@lemmy.dbzer0.com 3 points 1 month ago* (last edited 1 month ago)

That's why I don't use hardware tokens. They are more secure but they can break or get lost/stolen. My authentication app supports backups.

[-] jj4211@lemmy.world 1 points 1 month ago

Indeed, but some "security" guys frown deeply about the private key ever leaving a specific hardware device, because the second it can be backed up they freak out that it could, theoretically, be stolen. It's hardly a practical concern, but there's a lot of security people that don't care about practical considerations.

[-] RecluseRamble@lemmy.dbzer0.com 4 points 1 month ago

I see it more neutrally - the concern isn't wrong after all. Security is always to be balanced against convenience.

I consider being locked out for good so inconvenient that I'm willing to sacrifice a bit of security to avoid it. But everyone has to find what works best for them.

[-] fuzzzerd@programming.dev 3 points 1 month ago

Get out of here with your pragmatism. We'll have none of that in this security context.

[-] bertof@lemm.ee 1 points 1 month ago

That's why it is called multi-factor

this post was submitted on 26 Jun 2024

296 points (96.0% liked)

Cybersecurity - Memes

1668 readers

325 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Sam1232188@lemmy.fmhy.ml

Alphadef@programming.dev

CannaVet@lemmy.world