I'm aware that two-factor authentication (2FA) significantly enhances security, but it poses challenges for those without mobile phones. For example, I'd like to know if there are ways to securely access websites at a public library without needing another device. Most authenticator apps require installation on the device being used, which doesn't work in public scenarios. Is there any solution that provides the same security as 2FA but doesn't necessitate a secondary device or app installation?
5 Answers
2FA typically consists of two factors: something you know (like your password) and something you have (a device, USB key, etc.). So, while you don’t need a mobile device, you'll still need a second factor who could be a USB key or even an authentication app on another system. However, if you want absolutely no secondary device, then it doesn't really count as 2FA anymore.
Ever heard of grid card authentication? It's a method where you provide a user with a table of data, and they need to input one piece of that data as an additional factor. It's pretty straightforward and doesn’t require a secondary device.
There's another interesting method used by some banks. They have small calculators that generate a one-time code that you input along with your credentials. It’s not as portable as a mobile phone, but it works well for secure access in certain situations.
You could consider a FIDO security key like YubiKey. It's a physical device that doesn’t require a mobile phone and has a solid security profile; however, it can't be used with every single service.
You can use options like email or SMS for 2FA. But be aware that SMS isn't the most secure method. Ideally, you could combine a password with a code sent via email, for a more secure approach.
Related Questions
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads