• TORFdot0@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    1 year ago

    They aren’t 100% reliable and it has its’ challenges based on its implementation but I wouldn’t consider it fundamentally insecure. It’s as secure as a NFC token, TOTP, or a push notification as a form of authentication. It’s like birth control, no method is 100% safe and effective, but plain username and password auth is like pulling out, anything is better than that.