What’s the point of 2FA, if there’s a recovery code you can use when you lose ability to use your 2FA device?

645 views
0 Comments

In the end, isn’t that recovery code just the same as a password?

In: 174

17 Answers

Anonymous 0 Comments

It’s the “Something you have, and something you know” model. The something you have part reduces the likelihood of an attackers success by orders of magnitude (no clue to real number but probably a lot).
You are viewing 1 out of 17 answers, click here to view all answers.