On Thu, 2024-01-11 at 14:35 +0100, Mike B wrote:
My rational for this is that some organisations do not allow phones within the office, nor have any Apps available to install on their systems. Perhaps a more generic scenario is if a phone is out of battery. I'm sure you can appreciate while I am in favour of MFA I think this must be in a different format.
TOTP can be done without phones or phone apps... it just needs the shared secret and a HMAC fucntion, this can be done via various password-managers, simple python-scripts, your Ti-81 calculator or any number of other methods. I would advise against any form of e-mail 2fa, as this really reduces it to a single-factor (with password-resets via email). -- Mark Janssen -- Sig-I/O Automatisering mark@sig-io.nl http://sig-io.nl Phone: +31-6-5886.7992 Linux, Unix, Networking, Hosting, Virtual Private Servers and more