Correct me if I'm wrong, but separate apps for 2FA generation and password management would have done nothing in that case.I would suggest using separate apps for 2FA generation and password management. It may seem convenient to have both available from the same app, but it’s at the risk of having only one line of defense if that were hacked. See https://www.zdnet.com/article/hackers-s ... en-to-you/
The article states "The attackers were also stealing session cookies, which meant they could access accounts remotely as an authenticated user... And that would have been true even if the PC's owner had used only phishing-resistant 2FA codes or prompts managed on a separate device."
It just so happens that I do use two separate apps, but I don't think it makes me more secure from that type of attack.
Statistics: Posted by typical.investor — Sun Nov 16, 2025 11:52 pm — Replies 180 — Views 12426