Ask HN: How is Google prompt more secure than Google authenticator (TOTP/HOTP)

4 pointsindigane5y ago1 comments

Google is constantly pushing to move from authenticator codes to Google prompt, due to it being more secure according to them. I can not find any explanation on the security of authenticator vs prompt. With my limited knowledge, I believe both are susceptiple to phishing, so what's the security benefit?

1 comments

codegladiator5y ago

It is still 2 factor auth. And according to them the most smooth one.

In OTP/TOTP it doesn't matter where the OTP comes from, so code is the second factor. In google auth the mobile device is the second factor.

j / k navigate · click thread line to collapse

Ask HN: How is Google prompt more secure than Google authenticator (TOTP/HOTP)

4 pointsindigane5y ago1 comments

1 comments

codegladiator5y ago

It is still 2 factor auth. And according to them the most smooth one.

In OTP/TOTP it doesn't matter where the OTP comes from, so code is the second factor. In google auth the mobile device is the second factor.

j / k navigate · click thread line to collapse