undefined | Better HN

0 pointshananova1y ago0 comments

Why would that help? Where I work we have a central server with some phones connected that act as the 2FA devices for every service where not all employees have their own account, with an internally developed browser extension that grabs the access code from this server upon login.

0 comments

plorkyeran1y ago

Or more primitively than that, I've seen small offices have an old shared phone with a bulging battery that's used for 2fa (or even just having it attached to someone's personal phone and just asking them for the code when you need to log in).

scott_w1y ago

1Password and LastPass both offer this feature, too.

Don’t use LastPass though.

neilv1y ago

Impressive. Is the reason for this "2FA server" to circumvent per-seat licensing, or some other reason?

scott_w1y ago

It’s also because there might only be one super admin account allowed, which also needs to be the most secure. But you don’t want the person with the 2FA codes to wander off with them one day!

j / k navigate · click thread line to collapse

0 pointshananova1y ago0 comments

0 comments

plorkyeran1y ago

scott_w1y ago

1Password and LastPass both offer this feature, too.

Don’t use LastPass though.

neilv1y ago

Impressive. Is the reason for this "2FA server" to circumvent per-seat licensing, or some other reason?

scott_w1y ago

It’s also because there might only be one super admin account allowed, which also needs to be the most secure. But you don’t want the person with the 2FA codes to wander off with them one day!

j / k navigate · click thread line to collapse