Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The whole point of 2FA is that 2 devices need to be compromised - your phone AND your computer. With desktop Authy only one device - your computer - needs to be compromised.


This is correct but, in the vast majority of cases, attacks are carried out remotely. I would agree that where third parties have access to your machine, it would be not be a good solution.


If someone controls your computer remotely, it's the same as if she controlled it physically, no difference from pownership point of view.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: