11-02-2016 08:36 PM
Hello DUO Community,
I was wondering if DUO and/or the Community had thoughts regarding the claim by AgileBits that they have implements a Better than two-factor™ scheme?
https://support.1password.com/understanding-account-key/#better-than-two-factor
11-04-2016 06:52 AM
Hey jgallias,
The white paper you link to describes this perfectly -
In one important sense it could be a considered a second “factor”, but by many other definitions it cannot be. What is most important, though, is the different kind of threat it is defending against. Typical mfa has the second factor defending against capture or discovery of the password, but your Account Key is designed to protect you against a breach of the server.
It boils down to authentication “versus” encryption. (The AgileBits team has a pretty good discussion on this here: https://support.1password.com/authentication-vs-encryption) There are merits to both and in any sane security model both are required. Both are effective in their own way defending against specific threats. Asking “which is better?” is a false binary.
Cheers
11-04-2016 08:54 AM
Yeah that’s what concerns me about the claim “Better than two-factor™”… seems like a marketing gimmick.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide