If you are in the habit of using strong passwords (randomly generated by passwor

Question

If you are in the habit of using strong passwords (randomly generated by password manager) is there any point in using two step authentication?

Assuming that 99% of the time that when you enter a password you do so on your own device e.g. machine less likely to have key loggers on it (not some public library or cafe machine). What in this case is the point in having a two step authentication system other than piece of mind?

I can understand having 2FA to a password manager as you are repeatedly entering this password and it effectively contains the keys to everything else but for everything else why bother?

If I'm missing something here please tell me.

Explanation / Answer

There are a few benefits that persist in 2FA:

+ A keylogger can't make use of my 2FA passwords for later.
+ I can't share my 2FA with somebody on an ongoing basis.
+ I'm more likely to know my 2FA credentials are compromised (e.g., because my token is missing) than somebody simply copying my sticky note hidden in my wallet.
+ Somebody who phishes you will be have a limited window during which 2FA will be useful for them and it won't be ongoing.

Controlling the password is usually weaker than the password itself, and that makes 2FA very helpful even with very strong passwords.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.