In a few weeks I’ll do a workshop about security for people who are tech illiterate, I plan to teach about password managers and 2FA.

If I show the 2FA number codes, like the 123 456 ones that I have to paste when required, can that be a possible security breach for me? or is it save since is gonna change in a few seconds anyway?

  • Muddybulldog
    link
    fedilink
    English
    11 year ago

    As you suspect, only during the sixty or so seconds that they are valid.

    SMS-based codes tend to be longer lived.

    They’re useless without your other authentication factors, e.g. login, password.