I don't agree, but can you point to a system that uses TOTP as a sole factor? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tptacek on Sept 7, 2024 \| parent \| context \| favorite \| on: Why Login Security Sucks I don't agree, but can you point to a system that uses TOTP as a sole factor?

lll-o-lll on Sept 7, 2024 [–]

Not really (I can login to some systems with just TOTP, but TOTP was registered as a supplemental to something else). I guess your point is that having the seeds exposed is as big a deal as having salted hashes exposed. Which is to say, not a big deal.

Fair enough.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact