Keith, On Tue, Feb 26, 2019 at 6:00 AM Keith Medcalf <kmedcalf@dessus.com> wrote:
https://twofactorauth.org/#domains gives a good view of the domain management landscape regarding 2FA.
Seems to require the unfettered execution of third-party code ...
Are you offering an indemnity in case that code is malicious? What are the terms and the amount of the indemnity?
What are you talking about?! Are you ... trolling? If you don't trust the various (excellent) closed & open-source implementations of TOTP - you can write one yourself. The algorithm & specification are entirely open and free to use: https://tools.ietf.org/html/rfc6238 Using TOTP as 2FA is an excellent and recommended practice, and I am happy to see so many domain registrars support it. Regards, Job