Hacker News new | past | comments | ask | show | jobs | submit login

I'm no security expect (and a bit of alcohol is helping write this), but I do honestly feel like people are shooting themselves a bit, especially to the point of using pass-otp, which is presumably ALSO where you're storing your passwords... It really feels like you've got two keys to a safe that two seperate people look after. But then decide to go for a beer together and one holds the other's key whilst they get another drink...

Sometimes conveniece definitely comes at a cost, and getting to the point of having an application to 'remember' your passwords (ignoring the fact the passwords can then be completely unique and more secure) and then duplicating the OTP keys (that are meant to be kept on an independent device) into the same application seems like a step to far.. at least for me! Think I'd prefer the inconvenience :/ No offense to anyone else's comments intended!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: