C. Roy

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret as it relies on public key cryptography. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs possession of the physical secure element to complete the challenge-response...

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret as it relies on public key cryptography. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs possession of the physical secure element to complete the challenge-response...

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret as it relies on public key cryptography. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs possession of the physical secure element to complete the challenge-response...

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret as it relies on public key cryptography. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs possession of the physical secure element to complete the challenge-response...

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret as it relies on public key cryptography. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs possession of the physical secure element to complete the remote-challenge...

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs possession of the physical secure element to complete the remote-challenge routine in real time. And there is nothing...

I beg to differ. Passwords are routinely salted and hashed and will make rainbow table attacks very expensive. By and large FIDO U2F is the superior 2FA scheme. Unlike RFC6238 OATH-TOTP or RFC4226 OATH-HOTP, U2F does not use a shared secret. There is nothing to steal on a compromised server - what the remote server stores cannot be used to impersonify you in any way. An attacker needs the physical secure element. And there is nothing to download or install. Nothing to retype at lofin. The tokens...

Like Paul said you are not on the right forum. Nevertheless I can give you some general...