• @[email protected]
    link
    fedilink
    English
    108 months ago

    I’ve had this argument with different people when asking for a hardware token vs app only two factor.

    I’m not installing a proprietary app on my personal device. I’ll use a open standard, I’ll use a light weight hardware token. I’m not going to run a invasive binary black box for push authentication 24/7 on my personal device.

    At this point everyone has extra phones that don’t get security updates. I just used a old phone installed the app on that phone, and left it in my desk… It’s kind of a terrible security dongle at this point.

    • @[email protected]
      link
      fedilink
      English
      18 months ago

      Has to be company phone of course. In IT I don’t want nothing to do with your personal device.

      Here in Finland it is normal (or even required) that company provides you phone and subscription if your work needs that.