privacyguides/privacyguides.org
1
1
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2026-05-30 15:19:10 +00:00
Code Issues Activity

refactor: Move wiki articles to individual folders

Browse Source
This commit is contained in:
Jonah Aragon
2026-05-13 00:42:56 -05:00
parent db87170137
commit ac616498e3
67 changed files with 196 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/wiki/basics/multi-factor-authentication/_index.md
+2 -2
View File
@@ -52,7 +52,7 @@ When logging into a website, all you need to do is to physically touch the secur
The service will then forward the one-time password to the Yubico OTP server for validation. A counter is incremented both on the key and Yubico's validation server. The OTP can only be used once, and when a successful authentication occurs, the counter is increased which prevents reuse of the OTP. Yubico provides a [detailed document](https://developers.yubico.com/OTP/OTPs_Explained.html) about the process.
<figure markdown>
![Yubico OTP](./yubico-otp.png)
![Yubico OTP](yubico-otp.png)
</figure>
There are some benefits and disadvantages to using Yubico OTP when compared to TOTP.
@@ -70,7 +70,7 @@ U2F and FIDO2 refer to the [Client to Authenticator Protocol](https://en.wikiped
WebAuthn is the most secure and private form of second factor authentication. While the authentication experience is similar to Yubico OTP, the key does not print out a one-time password and validate with a third-party server. Instead, it uses [public key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography) for authentication.
<figure markdown>
![FIDO](./fido.png)
![FIDO](fido.png)
</figure>
When you create an account, the public key is sent to the service, then when you log in, the service will require you to "sign" some data with your private key. The benefit of this is that no password data is ever stored by the service, so there is nothing for an adversary to steal.