Please recommend OTP software

[ispano]

The problem that people encounter with the Android/iOS Token Apps is that someone could still gain control of your phone and figure out your token serial and such and take your account that way. With a physical token, they would need to go to greater lengths.

[DoctorPepper]

The problem that people encounter with the Android/iOS Token Apps is that someone could still gain control of your phone and figure out your token serial and such and take your account that way. With a physical token, they would need to go to greater lengths.

That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.

[ispano]

That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.

I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.

[Yoohre_WildRiver]

I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.

by simple setting your SU restrictions to prompt and not granting SU to everything you install should take care of any malware trying to hijack the OTG digits textfield

[ispano]

by simple setting your SU restrictions to prompt and not granting SU to everything you install should take care of any malware trying to hijack the OTG digits textfield

Has nothing to do with what I was speaking of. Just because you CAN make it more secure, doesn't mean people do. Or even know how to or such. The point was the phone is usually connected to the internet, the physical token is not, ever.

[Yoohre_WildRiver]

Has nothing to do with what I was speaking of. Just because you CAN make it more secure, doesn't mean people do. Or even know how to or such. The point was the phone is usually connected to the internet, the physical token is not, ever.

you cant say something is not secure because of peoples ignorance. i have rooted android OS and my phone is secure because i took time to learn about what im doing with my phone, so i can say my phone OTG password is as secure as a physical token