Welcome! Please join the dialogue.
Bohmian.org - Discussion - Remembered information in addition to an initial password is not a form of two-factor authentication - m
m joined January 13, 2008 (logged-in March 11, 2020) <beez> Bitching where bitching is due -- and often where it is not.
m
posted March 29, 2010
Requiring two forms of remembered information are both the same
type of
authentication, and is at best, no stronger than a single password of the combined length. In practice, as at least one of the pieces of remembered information is often keyed by a prompt, the second password is generally much weaker if at all meaningful.