elevateZoom (Requires jQuery)

Facebook Messenger (Donation)

Many donors of this blog prefer to donate their money through Facebook Messenger!

Click here to go to this blog's Facebook Page!

Thank you!

Activation Code - Donation (Multiple Options)


Request Web\PHP\JavaScript\HTML Project !

Contact us if you want us to develop a Web\PHP\JavaScript\HTML project for you!

Advertise On This Blog!

If you want a Product\Service\Event to be advertised on this blog, feel free to contact us!

Ads (Reserved)

Friday, May 21, 2021

"Password + Passcode" Login! (Passcode-Factor Authentication)

Password Reuse is proving to be a real and a big security problem these days, which is already forcing a lot of websites to implement ridiculous 2FA\MFA security measures! Two-factor or Multi-factor Authentication is a Waste of Time! (Click here to know more!)

The current way 2FA\MFA is being implemented is not the solution for Password Reuse, it's just another problem!

The solution for Password Reuse should\must be simple, practical and safe, thus, we propose a "Passcode-Factor Authentication" (PFA) solution, which would require "Password + Passcode" for users to login into their accounts!

What would be this "Passcode-Factor Authentication"?

Well, password is something that the user can choose, the user chooses whatever password he\she wants, weak, strong, random, reused, etc!

In the other hand, passcode would be something that the user can't choose, it should\must be a "Strong Long Random Code" generated by the website itself!

Then, both "Password + Passcode" would be required for users to login into their accounts, to change account settings, etc!

With this "Passcode-Factor Authentication" implemented, a Website should\must recommend its users to store the passcodes into a password manager!

The website should also recommend its users to use "Strong Long Random Passwords" by using their password manager's password generator and to never reuse passwords! (Strong Long Random Password + Strong Long Random Code = Hackproof)

This way, "Passcode-Factor Authentication" would prevent hackers to login into users accounts with reused passwords found in other websites data breaches!

Almost all accounts are hacked because of Password Reuse, thus, a simple solution like "Passcode-Factor Authentication" would be enough! Proposed solutions like 2FA Authenticator apps with 30 seconds input limit are neither simple, practical nor safe solutions, so almost all people will keep rejecting them!

2FA\MFA solutions that force people to be chained\dependent to emails, sms, authenticator apps\devices, etc, should\must be avoided at all cost!

No comments:

Post a Comment

ADS - Multi Share Calculator