Not sure if you’re being facetious, but one time pads are for encryption, not authentication. They’re also impractical (and overkill) for most purposes.
Ah, gotcha. Those are one-time passwords. Same acronym, so it’s easy to confuse them.
But yeah, I agree that everything should use (T)OTP for two-factor authentication, instead of SMS messages. The later mainly provides a false sense of security and presents only a minor hurdle for attackers to overcome.
Not sure if you’re being facetious, but one time pads are for encryption, not authentication. They’re also impractical (and overkill) for most purposes.
OTP 2FA Codes are one time pads
Ah, gotcha. Those are one-time passwords. Same acronym, so it’s easy to confuse them.
But yeah, I agree that everything should use (T)OTP for two-factor authentication, instead of SMS messages. The later mainly provides a false sense of security and presents only a minor hurdle for attackers to overcome.