Technology

38112 readers

546 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 3 years ago

MODERATORS

[email protected]

Google binning SMS MFA and replacing it with QR codes • The Register (www.theregister.com)

submitted 3 days ago by [email protected] to c/[email protected]

11 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 6 points 3 days ago (1 children)

I'm confused about how this is supposed to act as a second authentication factor 🤔

[–] [email protected] 5 points 2 days ago* (last edited 2 days ago) (1 children)

A guess/suggestion:

You have an app with a private key. The qr code contains data encrypted with the corresponding public key. Your app decrypts the data and transmits it to googles servers, proving you are in possession of the secret key.

[–] [email protected] 1 points 2 days ago

oh so it would just be app-based MFA but without using TOTP. That makes sense