Email or username:

Password:

Forgot your password?
All posts nixCraft's posts Post Back to profile
Top-level
GreenDotGuy

@nazokiyoubinbou @nixCraft It's safer than you think!

The app itself is a trusted pathway to the service, and it's probably been authorized at least once with a password or something more complex. The PIN is just an additional factor. Totally different from the WiFi situation, where that one code will allow virtually anything to connect in and do stuff.

21 Nov 2023 at 1:12 | Wall-to-wall | Open on infosec.exchange
2 comments
Nazo

@DarcMoughty @nixCraft I think you meant to post this to them, not me, but I do want to point out that this isn't quite as literal as I think you've taken it to be. The point is just some things that seem like they don't need so much protection go over-the-top even with crazy requirements then some things that need heavy protection have little to none.

21 Nov 2023 at 1:17 | Open on mastodon.social
Nazo

@DarcMoughty @nixCraft A better example might be the bank requiring capitals, numbers, symbols, and the sacrifice of your firstborn to login then, once logged in, the only real protection on it is your phone's biometric lock or PIN, often enough easily faked or watched.

21 Nov 2023 at 1:17 | Open on mastodon.social
Go Up