nobspls :
TJ Hooker :
...NIST has already deemed SMS 2FA insecure, ....
Try reading carefully for a change see:
https://techcrunch.com/2016/07/25/nist-declares-the-age-of-sms-based-2-factor-authentication-over/
It is 2 factor over SMS, because SMS has not been secure for decades even before 2016. And to smear that as if all 2 factor is insecure is just bogus.
Err, what? I said that using SMS for 2FA is insecure according to NIST, how is that any different than what you or that article are saying? And I did not act as though the fact that SMS 2FA is insecure makes all other 2FA insecure. I comment on other 2FA on their own merits starting literally the next word after the end of the quote you snipped out of the first sentence of the last paragraph of my post. That might be the most transparent straw-man argument I've ever seen.
Here's what that article says regarding other forms of 2FA:
"The alternative is to use a dedicated 2FA app like Google Authenticator or RSA SecurID, or a dedicated secure device like a dongle. There are plenty of options — SMS was just the easy one."
As I already pointed out, those other methods rely on taking a private key and a timestamp and hashing them to produce a temporary code. If someone has a quantum computer capable of reversing existing hash functions, then if they were to intercept the code you send during login they could potentially obtain your private key and therefore start generating codes going forward the same as the legitimate 2FA user. Meaning that if such technology (capable of reversing hash functions) were to exist then I believe that other forms of 2FA would be vulnerable to possible interception, which is the similar to the reason that NIST recommends against SMS 2FA in the first place (risk of interception/redirection). That's my understanding of it anyway, it's entirely possible I'm missing something here.
Who is to say future 2 factor won't require quantum entanglement to defeat quantum computers? But I can bet that your blockchain, bitcoin, bit coin cash, etherium, and other number numerous crypto coupons (calling them currency is an insult to real currency) scams sure won't be getting that upgrade for security any time soon.
Ok, so you don't think that blockchains will be updated to deal with quantum computers. Given that the debate we're having (or at least part of it) is 'will blockchains be updated to deal with quantum computers', simply stating that they won't be based on nothing but your own beliefs is just begging the question.
As expected, yep, more FUD from the crypto hype specialist.
I wasn't aware I'm the "crypto hype specialist". It's telling that your posts continue to get more condescending and resort to name calling as your arguments get refuted.