Tue Sep 05, 2017 1:04 pm
#1556912
JoeC wrote: Could the key logger do that to my password manager password?
Of course it could.
It wouldn't make the slightest bit of difference if the key service used 2 factor authentication in the first instance, then other "hardening" options such as trusted device, geo-aware IP filtering (you can't be in England on your iPad one minute then Russia on an untrusted Ubuntu VM the next) etc.
With good 2nd factor authentication - what you type in is a time limited/one use "response", thus rendering a key logger useless in this instance.
Having an RSA/digipass style key might be a bit overkill for most - although many of my clients insist on them for remote login to their systems. Those that don't, now do the 2nd factor via one-time SMS to my phone.
I actually quite like the Microsoft Authenticator app on my iPhone. I always have my phone with me.
I don't know of any "key services" that use 2 factor authentication though - but then again I haven't looked...and I doubt it would be popular as it is always a "faff"....