Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Beginners & Help
Re: Suggestions for protecting your email privacy
by
GSpgh
on 20/11/2019, 14:25:15 UTC
Quote from: ETFbitcoin on November 19, 2019, 06:10:03 PM
Quote from: GSpgh on November 19, 2019, 01:33:40 PM
Quote from: AlmazWin on November 19, 2019, 12:50:41 PM
There have been cases when hacked two-factor authentication?

The commonly used 2FA (30-second 6-digit codes) is basically just a random password that gets hashed with a time value to produce your code. So the advantage is that the password itself is never sent over the internet but it can still be leaked from the server or from your device via some malware or from backups.

That depends on type of 2FA you use. It's possible to use email as 2FA, even though it's rare nowadays.

I mean TOTP standard which is probably the most common offline 2FA method.

I don't think email confirmation qualifies to be called 2FA, it's just an out-of-band verification method. It's better than nothing but it's vulnerable to various exploits and it doesn't satisfy the basic MFA requirements (two or more of something you know/have/are).

TOTP is also not perfect because it relies on a shared password but that's a different discussion.