Multi-Factor, maybe, but is it really harder to phish?
MIT Tech Review asked me for a general comment on web authentication for their article covering new technology by Delfigo. There wasn’t enough time to look in depth at Delfigo’s technology, so my comments were about multi-factor authentication in general, and whether the additional factors are easily phishable. In other words, it’s interesting if authentication looks at more than just your password, but if it’s just as easy to trick a user into communicating the extra information and replaying it against the authentication server, then it may not be all that useful. According to the Tech Review article, Delfigo looks … Continue reading Multi-Factor, maybe, but is it really harder to phish?