this post was submitted on 31 Jul 2025
270 points (95.0% liked)

Technology

73534 readers
3204 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
270
Proton releases a new app for two-factor authentication (techcrunch.com)
submitted 2 days ago* (last edited 2 days ago) by RmDebArc_5@piefed.zip to c/technology@lemmy.world
98 comments fedilink hide all child comments
 

cross-posted from: https://piefed.zip/post/289079

Proton Authenticator Blogpost

you are viewing a single comment's thread
view the rest of the comments
[–] IllNess@infosec.pub 2 points 2 days ago (1 children)

The way I looked at it, it’s no different than having a mobile device with a password manager on it, because if someone steals your mobile device, they have access to everything as well. So the two-factor authentication apps shouldn’t be on desktop argument never made sense to me, mobile is the same way.

That is true. And more phones are stolen now than computers. Computers can have the same security and encryption if properly configured.

Even though you make a logical point, something in my gut doesn't feel right.

[–] FrederikNJS@lemmy.zip 2 points 1 day ago (1 children)

These are great points, but there is something more that phones have going for them.

All modern phones are full-disk encrypted by default, and can be remote wiped. I think this is only the case for Mac laptops, but not for Linux and Windows.

So if your phone is stolen, it's not really a risk of the thief having your password manager and your 2FA at the same time, but rather can they get in to your phone and then password manager and 2FA before you can trigger the remote wipe.

Unless the attacker is sophisticated enough to mirror the whole disk and attack it offline.

[–] IllNess@infosec.pub 2 points 1 day ago

Yeah. You have great points. A lot easier to wipe a device that is actively connected. Laptops don't usually have that luxury. It is a lot easier to take apart a laptop. It is easier to plug in a USB HID for brute forcing or to constantly move a pointer to prevent it from going to sleep.

I guess that's the feeling in my gut.

Thank you for your input.