Re: South Africa On Lockdown - Coronavirus - Update!

[Eric Tykwinski <eric-list () truenet com>]

I think that’s the major sticky point, I would hope we could all agree on one thing, but that also leaves one entry 
point of failure.  Hopefully we can all agree that FIDO2, OAUTH2, et al, with be a winner in the long run so everything 
can just use one simple authentication mechanism.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300

> On Mar 23, 2020, at 5:23 PM, Mark Tinka <mark.tinka () seacom mu> wrote:
>
>
>
> On 23/Mar/20 22:39, Keith Medcalf wrote:
>
> > Hardware tokens are nothing more than dedicated hardware TOTP devices with perhaps a few additional parameters 
> > programmed at manufacturing time.  Example, RSAID keyfobs are nothing more than TOTP generators with manufacturer 
> > programmed secrets and dedicated clock and display hardware with no external interface which permits access to the 
> > secret.
>
> For some of my banks, OTP tokens are issued via their device apps. I
> used to have physical key fobs for that; those are now gone.
>
> Admittedly, not all of my banks have made the transition. On the other
> hand, many of the banks have moved on to support Face ID and QR code
> verification via device apps.
>
> Not specific to VPN access management, but in the same vein.
>
> Mark.