Jump to content

Multi-Factor Authentication


Vihmakass
 Share

You are about to reply to a thread that has been inactive for 917 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

In mine country we dont use MS authentication bc it is unsafe. We have digital ID with what we do all - log in, go to bank or vote aso.

I bet many other countries have smth similar too.

Why limit people to use smth non safe and very complicated to use? Also not approved by their country? None place here uses it to secure their data - any bank will laugh onto your face if you try use it.

Why not let people to use way in what they believe and what is really secure?

MS isnt secure, it has been shown many times, they only want fish your data and doesnt care whom they give it.

Edited by Vihmakass
Link to comment
Share on other sites

On 9/22/2021 at 9:21 PM, Vihmakass said:

MS isnt secure, it has been shown many times, they only want fish your data and doesnt care whom they give it.

The authentication isn't Microsoft Auth or something but the TOTP standard at work: https://en.wikipedia.org/wiki/Time-based_One-Time_Password or for a more graphic explanation try https://www.allthingsauth.com/2018/04/05/totp-way-more-secure-than-sms-but-more-annoying-than-push/

While it would be nice to have other, additional options, it is technically one of the safer options that does not require any privacy invading apps or phone numbers or similar stuff. WebAuthn would be another step up in security.

If your country has a nice and working eID implementation, thats cool (and sadly still rare worldwide).

But LL probably does not target all the fragmented eID ecosystems in all the countries, especially not for smaller countries as a priority. In addition, some countries have hillariously bad national eID programs. For example germany with its citizen cards, "Personalausweis", which is technically very advanced and really good for eID, but hampered by stupidly complex requirements for anyone trying to use it. If you, as a provider, wanted to use the german eID functionality, you would have to register with the federal office, buy some expensive license, setup some specialized service etc, all amounting to costs of at least 50.000 €/per year or more to offer it at all, according to some estimates. So if other countries have similar programs it would be quite expensive to offer the specialized service for every country SL works in.

Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 917 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...