Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1840
Views
0
Helpful
2
Replies

AgileBits Better than two-factor™

jgallias
Level 1
Level 1

‎11-02-2016 08:36 PM

Hello DUO Community,

I was wondering if DUO and/or the Community had thoughts regarding the claim by AgileBits that they have implements a Better than two-factor™ scheme?

https://support.1password.com/understanding-account-key/#better-than-two-factor

Labels:
0 Helpful
2 Replies 2

gleezy1
Level 1
Level 1

‎11-04-2016 06:52 AM

Hey jgallias,

The white paper you link to describes this perfectly -

In one important sense it could be a considered a second “factor”, but by many other definitions it cannot be. What is most important, though, is the different kind of threat it is defending against. Typical mfa has the second factor defending against capture or discovery of the password, but your Account Key is designed to protect you against a breach of the server.

It boils down to authentication “versus” encryption. (The AgileBits team has a pretty good discussion on this here: https://support.1password.com/authentication-vs-encryption) There are merits to both and in any sane security model both are required. Both are effective in their own way defending against specific threats. Asking “which is better?” is a false binary.

Cheers

0 Helpful

jgallias
Level 1
Level 1
In response to gleezy1

‎11-04-2016 08:54 AM

Yeah that’s what concerns me about the claim “Better than two-factor™”… seems like a marketing gimmick.

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents