Hacker News: nowen's comments

Google Authenticator is only one-factor, possession of the shared secret in the phone. That's why it requires 'two-steps'.


Well, the password on the phone is the other factor. No need to send the password anywhere.


So, we get a lot of questions about how to implement 2 factor authentication. You can do it quick and simple, but it is more secure to run it through your directory (AD). This eguide shows you how to do it end-to-end using standard protocols, so it works with any 2 factor solution, not just ours. Enjoy.


I hate to use the cliché, but: weakest link. SMS and dial-back systems rely on the security of the telco, who are dis-incented to secure their users' accounts. These systems do not use encryption! Of course they are going to get owned.

