undefined | Better HN

0 pointsarnarbi11y ago0 comments

Re 1: If a.com is hacked, only a.com's OTP seeds are compromised. b.com should (hopefully) use different seeds, so 2FA still prevents someone from logging in.

0 comments

MarkMc11y ago

Yes you are right - I was thinking about the case where only a.com uses 2FA, not b.com

j / k navigate · click thread line to collapse

0 pointsarnarbi11y ago0 comments

Re 1: If a.com is hacked, only a.com's OTP seeds are compromised. b.com should (hopefully) use different seeds, so 2FA still prevents someone from logging in.

0 comments

MarkMc11y ago

Yes you are right - I was thinking about the case where only a.com uses 2FA, not b.com

j / k navigate · click thread line to collapse