Comment Re:Scripts that interact with passwords fields aws (Score 1) 365
Key- and screen-loggers? Pretty standard stuff I believe. All that's required is the wrong virus or trojan sneaking on to your machine somehow.
The main point is only that only one thing is needed to compromise security - knowledge - and thus is a stretch to cal two-factor under the traditional definition (at least so far as I understand it. I'm a programmer, but no expert on security)
I certainly don't contest the challenge that it's probably significantly more difficult to bypass. At first glance it would seem to have great potential, IF done well. But I don't even know enough details to judge the theory, and as always implementation details will likely expose far more vulnerabilties to hackers. The question is, would it continue to be fundamentally more secure if it became the primary means of security, or is it's primary benefit that of being a small small enough target that it's not worth the effort?