1. 10

Improves on existing 2FA solutions in some interesting ways.

  1.  

  2. 8

    Looks like a nice solution to the problem. Although I do have a couple of quips with it. Most of the 2FA I use at the moment is using google authenticator / authy so the whole ‘no need for text messages’ isn’t really a big incentive to me. Also a box with text saying “Straightforward, low-cost pricing.” which then leads to a contact the sales team for pricing page is a bit of an antipattern in my books.

    Also, and more of a technical/semantic question but if it removes the password is it really two factor authentication? I understand the need to use familiar terminology but it feels more like a one time password solution that two factor.

    1. 4

      …a box with text saying “Straightforward, low-cost pricing.” which then leads to a contact the sales team for pricing page is a bit of an antipattern in my books.

      Looks like they designed their App Store page for users and their website for clients.

      …it feels more like a one time password solution that two factor.

      It’s just OTP, but “2FA++” is a better pitch for clients considering other 2FA solutions.

      1. 4

        quip

        noun

        1.
        a witty remark.
        

        I don’t think that’s what you meant. “qualm”, perhaps? I only mention this because I remember making the same mistake and feeling very embarrassed.

        1. 1

          Ah, well there you go, I most certainly did mean qualm. Or at least I certainly didn’t mean quip as it is defined. I’ll keep the one in mind for the future.

        2. 1

          Does the PIN on the phone app qualify as a factor in itself? If so, it could be called 2FA.

          1. 2

            Arguably? The PIN is weak to different attacks than the network service is…

            1. 1

              Good point

        3. 5

          Unfortunately their comparison table is missing Duo, which is probably the closest competitor.

          1. 2

            I wonder how this compares to SQRL, apart from the personal controversy around the author of SQRL