2FA: Two Factor Authentication - Computerphile

edna. mode.

how did we get from "more factors help" to "oh and the additional factor cannot just be random, let's look at this HMAC" ?

Is there any research papers regarding this, or something explaining the technical side a bit more?

wait wait wait wait....

I figured command override passwords in star trek was always to be used in an emergency from anywhere on the ship/base therefore necessitating a voice activation through the computer voice terminal. Of course it will be a one-time or few time use within the actual emergency and to be updated immediately after use.

For extremely delicate and serious uses you need both the captains and the commanders and/or chief engineers concurring inputs.
i.e self-destruct activation.

Do keys make you secure? like hardward, like the yubikey 5c nfc?

You could have stored all your TOTP keys in a separate database of a password manager and, once you phone has broken down, you'd ask a friend for a substitute phone for a few weeks if they have a spare obsolete model, and you'd install the password manager there and the TOTP base.

Your story about the two weeks without TOTP is actually what happens when you know enough to set up a password manager and use a password database regularly but forget to set up proper backup system BEFOREHAND. If you TOTP base exists only on your phone and doesn't get backed up regularly and often enough, then when you phone breaks you'll lose it, so find out how to better sync and backup stuff from your many clients. And better use cloud + encryption for one of the backup copies, but also have a few local ones. And maybe store the backups in such a way so that you'd have 3 (2 local and 1 in the cloud) up-to-date ones and 3 (2 local and 1 in the cloud) 1 day or so late, and also have version control for all your backups, that way, even if you do something wrong and the new backup isn't right, the version control will have the previous version and the 1 day late scheme will save you from re-writing a backup repo with a repo that has a corrupted index.

Check out BorgBackup.

02700400143663000001

☝️☝️☝️The name above me fix 2fa problem. contact him now if you need help

☝️☝️☝️The name above me fix 2fa problem. contact him now if you need help

I noticed some apps like discord have backup codes displayed on the actual app just in case you do not have access to your authenticator apps. Is this a security flaw? It seems like it could be. Feels like it defeats the purpose.

Which previous video was he referring to?

My brain cells just died listening to his explanations lols

And I thought I was a nerd!

it's not so much identify you are who you say you are, it is more knowing some information that is harder to know. for instance if you have access to a mobile phone, you have access to ALL the apps on that phone, be that an authenticator app, a stored password database, that doesn't mean the person is you. but it is harder for some other person on the other side of the world having access.

👆👆👆The name I'm pointing help me fix mine. Contact he now if you also need help...

👆👆👆The name I'm pointing help me fix mine. Contact he now if you also need help...

素晴らしい👏
って言いたいけど内容わかんないし英語もわかんないや！

When a Fortnite player looks at this...

i lost my account 2fa

Fortnite

Your talking about fortnite

Several times now, they have done a SIM swap and the hackers got hold of the text message with the code and then logged in. After this, our company will never use SMS text for MFA again.

I log in with the factor of the way I am. This is the hardest to get since it can only be found on every single social media app I use and changes every tenth of a nanosecond.
For example right now I self identify as a non-binary loathing banana that's sexually attracted to fleas.

Either I use it and be paranoid I’ll loose access to the email/number I use, or don’t and be paranoid someone will really easily breech my things.

Perhaps in Star Trek their communicator provides an exact location, and it verifies both the voice and the location of the voice match.

Unix time is UTC

Ti adoroooo

Idea : scan the qr code for 2fa with multiple devices. Yes the security is a little less, but if your phone gets broken you still have the totp on your other phone…. I don’t know if you guys are reading this in 2021. But could you do a video about the mathematics behind webauthn?

Thanks dude, this was very helpful, you're carrying my CS exam right now. :)

Hi

Bro 2fa fortnite

meh boy mike has the most loveable facial expressions and way of speaking.. like idk its just soo nice to just watch

Computer security, verify you are who you say you are. US voting.... anyone can vote for anyone else.

Hi
Can anyone help me retrieving my permenantly disabled facebook account?

We get crazy internet speeds, but can't get SMS in time or ever. That's my main problem with two factor

Спасибо

why wouldnt 2fa be read first then the password. So that people couldnt social engineer your password?

Omg all thanks to those who recommended me to Shield_cr4ack on Instagram he’s a pro, he unlocked my PC all thanks to him

@Comupterphile. I am wrong for presuming that 2FA to work, I must have a KEY that corresponds to my Facebook profile to gain access? My situation is that my account was hacked and then the activated the 2FA feature that I hadn't previously used. Facebook confirmed that I was hacked, but since I was logged out on my other devices, I can't access the key. I've contacted FB, but they've been giving me a hard time... They won't deactivate/bypass the feature and won't send me text authentication instead... What can I do?

Who is this guy?? He should be an educator. Fantastic speaking and explanatory skills!

And btw, to whom is he speaking? Is he being interviewed/ Why else does he looks past the camera?

NO do not enable this feature you will lose access to your accounts if
you lose access to your original phone numbners do not use

so my master password is 11 characters long with symbols, upper and lower case letters and digits. would this be considered strong or weak?

I learned so many things that my university didn't really teach me in this channel Thank you guys

Clicks video: lets talk how i lost a discord account due to 2FA

Nobody:
Computerphile: Ah let’s start talking about passwords-

Save your keys for you 2fa in your password manager folks