When you think of online security, hopefully by now two-factor authentication springs to mind. WIRED certainly pushes the feature every chance we get. And for good reason! It's a solid protection against common web attacks like phishing and credential stuffing. But when Chris Coyne and Max Krohn, who previously cofounded OKCupid, launched their own digital identity and encrypted chat platform in 2014, they decided against using 2FA at all. Which is less radical than it sounds.
Keybase is open source and audited by (paid) third-parties, but users and two-factor authentication advocates often ding the company for not offering 2FA. Keybase says, though, that conventional two-factor wouldn't protect Keybase accounts in the way you might think. And if you look closely, you'll notice that many similarly sensitive products, like password managers or secure messaging apps like Signal, often don't offer conventional two-factor either.
"The two-factor authentication people usually talk about just doesn't make sense with the model of how Keybase works," says Max Krohn, cofounder and CEO of ..
Support the originator by clicking the read the rest link below.
