• lmmarsano@lemmynsfw.com
    2 minutes ago

    Nah, any decent password manager or security application can manage multi-factor security credentials of any kind without failure due to phone loss.

    Password authentication is beyond primitive by offering too many avenues of attack: the full secret is transmitted & shared. Passkeys, client certificates, OTP don’t transmit the secret key. Passkey & client certificate authentication never shares a secret key, so the server can’t expose it.
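
An added illustration of the contrast drawn in the comment above (not part of the original comment): a password login puts the full secret on the wire, while a TOTP login (RFC 6238) sends only a short-lived code derived from a key that the server still has to store. The sample password, salt and function names are constructed for this example; the OTP key is the RFC 6238 test key, and passkey or client-certificate signatures are not covered because they need asymmetric cryptography outside the Python standard library.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238: HOTP keyed on the current 30-second time step."""
    return hotp(secret, unix_time // STEP)

def verify_password(stored_hash: bytes, salt: bytes, sent: str) -> bool:
    # The server receives the full secret on every login and hashes it itself.
    candidate = hashlib.pbkdf2_hmac("sha256", sent.encode(), salt, 100_000)
    return hmac.compare_digest(stored_hash, candidate)

def verify_totp(stored_secret: bytes, sent_code: str, now: int) -> bool:
    # The server receives only a derived code, valid for one time step,
    # but it must hold the same secret key as the client to check it.
    return hmac.compare_digest(totp(stored_secret, now), sent_code)

# Constructed sample data (assumptions for this example only).
SALT = b"constructed-salt"
PASSWORD = "correct horse battery staple"
PW_HASH = hashlib.pbkdf2_hmac("sha256", PASSWORD.encode(), SALT, 100_000)
OTP_SECRET = b"12345678901234567890"  # RFC 6238 test key

def captured_messages(now: int) -> dict:
    """What one login puts on the wire for each method."""
    return {"password": PASSWORD, "otp": totp(OTP_SECRET, now)}

if __name__ == "__main__":
    seen = captured_messages(59)
    print("on the wire:", seen)
    # The same password verifies at any later time; the OTP code expires.
    print("password valid later:", verify_password(PW_HASH, SALT, seen["password"]))
    print("otp valid 60 s later:", verify_totp(OTP_SECRET, seen["otp"], 119))
```
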