The real reason why you shouldn't share OTP codes

It might not be what you think

One-Time Passwords, or OTPs are a widely used authentication factor in many online services, big and small. When I’m not ranting about them, I actually think they’re pretty good. So, today is not another attack on OTP or multi-factor authentication, but instead, an effort to educate people about how they work and what we need to do to ensure we stay safe. There are some misconceptions out there, so let’s try to correct them. [Read More]

Nine things I hate about Multi-Factor Authentication

My love-hate relationship with 2FA/MFA

Multi-factor authentication (MFA) is a critical part of our defence of information systems, but it is far from perfect. I’ve made a list of list of things I dislike about it, not because I think that MFA needs to go away, but because if we can solve some of these gripes, MFA becomes even more powerful. What is MFA? When I talk about MFA, I mean the authentication methods that tend to be used in addition to your username/password. [Read More]