I'm totally not advocating for 2FA over SMS. It's also just not secure enough. W... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		yoavm on March 25, 2024 \| parent \| context \| favorite \| on: Aegis v3.0 – a free, secure and open source 2FA ap... I'm totally not advocating for 2FA over SMS. It's also just not secure enough. What if the website presented a QR you can scan with Aegis and then Aegis would make a request with your one time code? You could still type it manually - there would be an input and a QR code next to it.

sliken on March 25, 2024 [–]

Kinda surprised banks aren't more current with security, after all even NIST recognizes the problem with 2FA over SMS: https://www.nist.gov/blogs/cybersecurity-insights/questionsa...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact