January 11, 2021

Why have TOTP codes become the generally accepted 2FA standard over Push authentication?

They both have roughly the same vulnerabilities, though one could argue push notifications are a bit more robust against MITM attacks.

The only major things I know of that utilize it are Google and Duo, the latter only being available on the commercial level.

I would happily switch over to all push if it became an option places. TOTP isn’t terrible but it’s definitely clunkier.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.