Hacker News new | past | comments | ask | show | jobs | submit login

> What problems do you face with whatever 2FA you use?

Ease of migration. I'm currently migrating away from Authy to Aegis. This experience in Aegis is simple because it can import and export the data.

I use gauth [0] on my laptop since there's no Aegis desktop client. This requires adding any new 2FA accounts to both Aegis and gauth at the same time, meaning I need both devices with me. I've not yet tried to export from Aegis and add to gauth separately later, but I'm hoping that will be okay.

> A QR code will be generated on the phone for each login attempt. The website/app where the user is logging in will scan that QR code

Not sure I understand. How will a website be able to scan my phone's screen?




> How will a website be able to scan my phone's screen?

Using your webcam. However from the comments it seems that there are a lot of devices without a webcam so my idea will not work.


My laptop doesn't have a webcam, and even if it did, I wouldn't permit my web browser address to it unless I really needed to. A website that asks me to access the webcam just to log in isn't going to appeal to me.

I've no idea how typical I am in this regard, though.

Could you turn the idea on its head? Could the website display the QR code and the phone scan it, as per WhatsApp and many others? Or perhaps the phone just displays the note ubiquitous "random raccoon" type wordset for the user to enter into the website?

I'm probably missing the point of your idea.


>the website display the QR code and the phone scan it I'm exploring that right now, thx a lot.

>I'm probably missing the point of your idea.

It was mainly a way to do 2FA with a phone but no SMS/internet on phone. However it looks like TOPTs solve this probelem.


> I'm exploring that right now, thx a lot.

No problem, good luck :) Is good to see someone experimenting in this area and asking for advice to stay on track.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: