From 1681f99e227e521de573d6fb3e1a3e32b62548df Mon Sep 17 00:00:00 2001 From: Tommy Date: Thu, 25 Aug 2022 23:50:59 -0400 Subject: [PATCH] Remove unnecessary shortcode --- .../knowledge/Multi-factor Authentication.md | 2 +- layouts/shortcodes/time.html | 54 ------------------- 2 files changed, 1 insertion(+), 55 deletions(-) delete mode 100644 layouts/shortcodes/time.html diff --git a/content/knowledge/Multi-factor Authentication.md b/content/knowledge/Multi-factor Authentication.md index 9841643..528c0ac 100644 --- a/content/knowledge/Multi-factor Authentication.md +++ b/content/knowledge/Multi-factor Authentication.md @@ -31,7 +31,7 @@ The time-limited code is then derived from the shared secret and the current tim If you have a [Yubikey](https://www.yubico.com/), you should store the "shared secrets" on the key itself using the [Yubico Authenticator](https://www.yubico.com/products/yubico-authenticator/) app. After the initial setup, the Yubico Authenticator will only expose the 6 digit code to the machine it is running on, but not the shared secret. Additional security can be set up by requiring touch confirmation, protecting digit codes not in used from a compromised operating system. -Unlike [WebAuthn](#fido2-fast-identity-online), TOTP offers no protection against [phishing](https://en.wikipedia.org/wiki/Phishing) or reuse attacks. If an adversary obtains a valid code from you, they may use it as many times as they like until it expires (generally {{< time "PT30S" >}}30 seconds + grace period{{< /time >}}). +Unlike [WebAuthn](#fido2-fast-identity-online), TOTP offers no protection against [phishing](https://en.wikipedia.org/wiki/Phishing) or reuse attacks. If an adversary obtains a valid code from you, they may use it as many times as they like until it expires (generally 30 seconds + grace period). Despite its short comings, we consider TOTP better and safer than Push Confirmations. diff --git a/layouts/shortcodes/time.html b/layouts/shortcodes/time.html deleted file mode 100644 index 073d20f..0000000 --- a/layouts/shortcodes/time.html +++ /dev/null @@ -1,54 +0,0 @@ -{{/* - - HTML date/time element