Karl Fredrik on Nostr: How does the #infosec crowd feel about putting #TOTP in a password manager like ...
How does the #infosec crowd feel about putting #TOTP in a password manager like 1Password?
It's really convenient to just fill out the MFA prompts directly from the password manager, rather than pulling up my phone to get the code.
---
Does it become just 1 factor when PW and possession factor resides the same place?
Does 1PW's security model make up for that?
How does it compare to syncing TOTP through a cloud service like GAuth?
Are soft passkeys in 1PW better?
#askfedi
It's really convenient to just fill out the MFA prompts directly from the password manager, rather than pulling up my phone to get the code.
---
Does it become just 1 factor when PW and possession factor resides the same place?
Does 1PW's security model make up for that?
How does it compare to syncing TOTP through a cloud service like GAuth?
Are soft passkeys in 1PW better?
#askfedi