*Could anyone explain to me what's the point of Google's two-factor authenticati... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		grey-area on Feb 25, 2013 \| parent \| context \| favorite \| on: Bypassing Google’s Two-Factor Authentication Could anyone explain to me what's the point of Google's two-factor authentication? Without application specific passwords it's actually pretty secure. With ASP of course, according to this article, it's no more secure at all. So it looks like ASPs need to be revised/locked down. That doesn't mean that 2-factor security is useless in principle, just that this facet of it is insecure.

badgar on Feb 25, 2013 [–]

> With ASP of course, according to this article, it's no more secure at all.

This is not at all the conclusion of the article. This isn't a bright-line issue; security exists on a spectrum.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact