One time password Authenticator - Mobile App?

[Delsus]

Mobile phone authenticators are very secure and are currently used across the business world as a way to lock down sensitive networks, etc.

The RSA SecurID is an industry standard. In fact, the iphone version of the app requires it's own 5 digit code to even access, so if anyone wants to hack your SE acct, they would need the following:

1. Your SE Acct User Name
2. Your SE Acct Password
3. Knowledge that you are using your iPhone Authenticator and not a Security Token
4. Your iPhone
5. Your Phone's password
6. Your Security Authenticator Password.

If anything, an iPhone Authenticator is even less likely to be compromised than a security token (which has a FF logo on it btw). Impossible? No, nothing is impossible in the world of hacking, but if anyone goes through all that to steal my acct -- until I call SE to get it restored -- then good luck to them.

And lets not forget if your phone is stolen decent security software lets you remotely lock and wipe your phone get that done fast enough and no one who steals your phone can hack your account, if a token gets stolen you have to go through SE not only to get access but to stop your account getting hacked.

[Zantetsuken]

And lets not forget if your phone is stolen decent security software lets you remotely lock and wipe your phone get that done fast enough and no one who steals your phone can hack your account, if a token gets stolen you have to go through SE not only to get access but to stop your account getting hacked.

Exactly - Can't do that with a token...

Those who say that this is not secure really need to do their research on it.

[Delsus]

Exactly - Can't do that with a token...

Those who say that this is not secure really need to do their research on it.

So many reasons why it should be implemented and any argument against can be easily countered.