Remove Nitrokey (#2592)

This commit is contained in:
Jonah Aragon 2024-05-30 11:10:43 +09:00
parent 2b97f64f3b
commit 85199e0497
No known key found for this signature in database
11 changed files with 124 additions and 101 deletions

View file

@ -35,7 +35,7 @@ Unlike [WebAuthn](#fido-fast-identity-online), TOTP offers no protection against
An adversary could set up a website to imitate an official service in an attempt to trick you into giving out your username, password and current TOTP code. If the adversary then uses those recorded credentials they may be able to log into the real service and hijack the account.
Although not perfect, TOTP is secure enough for most people, and when [hardware security keys](../multi-factor-authentication.md#hardware-security-keys) are not supported [authenticator apps](../multi-factor-authentication.md#authenticator-apps) are still a good option.
Although not perfect, TOTP is secure enough for most people, and when [hardware security keys](../security-keys.md) are not supported [authenticator apps](../multi-factor-authentication.md) are still a good option.
### Hardware security keys

View file

@ -164,7 +164,7 @@ There are many good options to choose from, both cloud-based and local. Choose o
<div class="admonition warning" markdown>
<p class="admonition-title">Don't place your passwords and TOTP tokens inside the same password manager</p>
When using TOTP codes as [multi-factor authentication](../multi-factor-authentication.md), the best security practice is to keep your TOTP codes in a [separate app](../multi-factor-authentication.md#authenticator-apps).
When using TOTP codes as [multi-factor authentication](../multi-factor-authentication.md), the best security practice is to keep your TOTP codes in a [separate app](../multi-factor-authentication.md).
Storing your TOTP tokens in the same place as your passwords, while convenient, reduces the accounts to a single factor in the event that an adversary gains access to your password manager.