Hacker News new | past | comments | ask | show | jobs | submit login

As a standalone method of authentication, insecure is more ways than I can list.

I didn't think this was controversial or obscure. Authentication on my work laptop is fingerprint + 2FA, then password and 2FA for VPN. Access to most other resources at that point is certificate driven.

I wish my bank would use certificates, for instance. I absolutely get the human (ultimately cost) factors involved, but my bank is one of the few entities with which I would go through the hassle of in-person key setup/renewal.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: