Results 1 to 10 of 11

Hybrid View

  1. 10-01-2013 12:51 AM #1
    DoctorPepper
    Player
    DoctorPepper's Avatar
    Join Date
    Aug 2013
    Location
    Limsa Lominza
    Posts
    922
    Character
    Doctor Pepper
    World
    Cactuar
    Main Class
    Samurai Lv 70
    Quote Originally Posted by ispano View Post
    The problem that people encounter with the Android/iOS Token Apps is that someone could still gain control of your phone and figure out your token serial and such and take your account that way. With a physical token, they would need to go to greater lengths.
    That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.
    (0)
    Reply With Quote Reply With Quote
  2. 10-01-2013 12:55 AM #2
    ispano
    Player
    ispano's Avatar
    Join Date
    Oct 2011
    Posts
    2,753
    Character
    Melfina Amastacia
    World
    Excalibur
    Main Class
    Lancer Lv 60
    Quote Originally Posted by DoctorPepper View Post
    That really makes no logical sense.. Somebody could just as easily steal my one time password token. In fact, considering you cannot set an emergency password for the physical token, I would almost say you're even less safe.
    I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.
    (1)
    Reply With Quote Reply With Quote
  3. 10-01-2013 01:01 AM #3
    Yoohre_WildRiver
    Player
    Yoohre_WildRiver's Avatar
    Join Date
    Apr 2011
    Posts
    758
    Character
    Yoohree Reborn
    World
    Zalera
    Main Class
    Culinarian Lv 70
    Quote Originally Posted by ispano View Post
    I didn't say physical access to the phone, i'm talking about it being compromised over the internet. I mean, many people root/jailbreak their phones without knowing the potential consequences. You can't compromise a physical token over the internet. Sure you can set up a man in the middle attack and such, but that takes more work. So, yes, it makes perfect logical sense.
    by simple setting your SU restrictions to prompt and not granting SU to everything you install should take care of any malware trying to hijack the OTG digits textfield
    (0)
    HeavensWard theme song lyrics:

    - "We can [Stance]dance if we want to
    We can leave your friends behind
    Cause your friends don't [Stance]dance
    And if they don't [Stance]dance
    Well they're no friends of mine"
    Reply With Quote Reply With Quote
  4. 10-01-2013 01:03 AM #4
    ispano
    Player
    ispano's Avatar
    Join Date
    Oct 2011
    Posts
    2,753
    Character
    Melfina Amastacia
    World
    Excalibur
    Main Class
    Lancer Lv 60
    Quote Originally Posted by Yoohre_WildRiver View Post
    by simple setting your SU restrictions to prompt and not granting SU to everything you install should take care of any malware trying to hijack the OTG digits textfield
    Has nothing to do with what I was speaking of. Just because you CAN make it more secure, doesn't mean people do. Or even know how to or such. The point was the phone is usually connected to the internet, the physical token is not, ever.
    (0)
    Reply With Quote Reply With Quote
  5. 10-01-2013 01:54 AM #5
    Yoohre_WildRiver
    Player
    Yoohre_WildRiver's Avatar
    Join Date
    Apr 2011
    Posts
    758
    Character
    Yoohree Reborn
    World
    Zalera
    Main Class
    Culinarian Lv 70
    Quote Originally Posted by ispano View Post
    Has nothing to do with what I was speaking of. Just because you CAN make it more secure, doesn't mean people do. Or even know how to or such. The point was the phone is usually connected to the internet, the physical token is not, ever.
    you cant say something is not secure because of peoples ignorance. i have rooted android OS and my phone is secure because i took time to learn about what im doing with my phone, so i can say my phone OTG password is as secure as a physical token
    (0)
    HeavensWard theme song lyrics:

    - "We can [Stance]dance if we want to
    We can leave your friends behind
    Cause your friends don't [Stance]dance
    And if they don't [Stance]dance
    Well they're no friends of mine"
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »