Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

TOTP isnt designed to be against phishing. Its against weak, leaked or cracked passwords.


Lots of junk TOTP apps in app stores.

Once heard of a user putting in a helpdesk ticket asking why they had to pay for the TOTP app. Then I realize their TOTP seed is probably out in the open now.

I’m sure we can imagine how else this could go badly…




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: