[imp] 2-Step Authentication
Michael M Slusarz
slusarz at horde.org
Thu Apr 19 05:35:59 UTC 2012
Quoting Simon Brereton <simon.brereton at buongiorno.com>:
> Hi
>
> Are you planning to implement 2-step authentication in the next
> Horde release?
>
> http://www.codinghorror.com/blog/2012/04/make-your-email-hacker-proof.html
>
> It would be relatively trivial so long as a mobile app can be written
> (and that could be done in html5, so it shouldn't need to be device
> dependent).
Generally, I find Atwood's blog posts interesting and informative.
But this article is just garbage.
2-step authentication provides no more security than enforcing minimum
password lengths, non-dictionary passwords, and/or expiration dates.
Not to mention that you are now introducing MORE avenues where the
authentication chain can break down: the more complex a system, the
more attack points there are.
And labeling his article "Make your email hacker proof?" He's just
playing on FUD.
This two-step authentication is just Google marketing fluff. Can't
believe he is eating it up like this.
michael
___________________________________
Michael Slusarz [slusarz at horde.org]
More information about the imp
mailing list