mfa-interop - RE: [MFA-Interop] Changes based on conversation on today's call
Subject: MFA Interop Working Group
List archive
- From: Eric Goodman <>
- To: "" <>
- Subject: RE: [MFA-Interop] Changes based on conversation on today's call
- Date: Fri, 29 Apr 2016 14:47:07 +0000
- Accept-language: en-US
- Authentication-results: incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=none action=none header.from=ucop.edu;
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:23
>Do not underestimate the other way around, for example a "second factor"
>mobile phone, with "first factor" password stored in login forms in the web
>browser in the phone.
FWIW, we address this point without solving it. In the next two bullets after
the ones I referred to, we say:
"Additionally, users can take actions that reduce the ability to treat
otherwise independent factors as “independent”; for example, a user storing
their software OTP generator on a network device accessible using just the
“first factor” password.
"The MFA profile does not enumerate specific requirements the institution
must meet to protect against these forms of authentication dependence, but
technical restrictions (where feasible) and user education are highly
recommended to mitigate the risks of users deploying factors in a manner that
decreases their independence."
Does that more or less addresses your concerns?
--- Eric
- Re: [MFA-Interop] Changes based on conversation on today's call, (continued)
- Re: [MFA-Interop] Changes based on conversation on today's call, Nick Roy, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, David Langenberg, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Nick Roy, 04/29/2016
- RE: [MFA-Interop] Changes based on conversation on today's call, Roger A Safian, 04/29/2016
- RE: [MFA-Interop] Changes based on conversation on today's call, David Langenberg, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Scott Koranda, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Keith Hazelton, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Bellina, Brendan, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Nick Roy, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Ann West, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Keith Hazelton, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Scott Koranda, 04/29/2016
- RE: [MFA-Interop] Changes based on conversation on today's call, David Langenberg, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, David Langenberg, 04/29/2016
- Re: [MFA-Interop] Changes based on conversation on today's call, Nick Roy, 04/29/2016
Archive powered by MHonArc 2.6.16.