• Hotzilla@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    7 months ago

    Sorry, as IT person I have to disagree, app based MFA is just way much easier to maintain instead of HW keys.

    Edit: forgot to mention that in Finland companies here has to provide phone if your work require that. In IT I don’t want nothing to do with users personal devices, and it sounds insane to me that in US companies force apps to your personal devices.

    • MSids@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      App-based TOTP are not phishing resistant and do not require any level of proximity to the login session. The future is more likely passkeys that use device TPMs.