6 Aug
2018
6 Aug
'18
1:07 p.m.
| From: D. Hugh Redelmeier via talk <talk@gtalug.org> | Single-sign-on makes multi-factor authentication more feasible. I don't | trust the monopoly power of single-sign-on providers. And I don't | trust the resulting "one compromise to rule them all" ecosystem. And | I'm not attached at the hip to a mobile phone (SMS is the usual second | factor for consumers). reddit got compromised when their second factor was carried by SMS: <https://arstechnica.com/information-technology/2018/08/password-breach-teaches-reddit-that-yes-phone-based-2fa-is-that-bad/>