summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicholas Johnson <nick@nicholasjohnson.ch>2023-08-15 00:00:00 +0000
committerNicholas Johnson <nick@nicholasjohnson.ch>2023-08-17 00:00:00 +0000
commitba9691f0a14e5d908d24db39c37f44f2873a51ae04f9818007ec247d0cf4df27 (patch)
treef0da31439500091462be611a0c960ed6800436c1a31a6549d8f112fdd0063360
parent7b1d21bac75fa2d820d32e52c4af1c734420aebb43745d8106c6b0ef72af87a8 (diff)
downloadjournal-ba9691f0a14e5d908d24db39c37f44f2873a51ae04f9818007ec247d0cf4df27.tar.gz
journal-ba9691f0a14e5d908d24db39c37f44f2873a51ae04f9818007ec247d0cf4df27.zip
Remove incorrect statement
I confused this article with another.
-rw-r--r--content/entry/re-against-risk-based-authentication-or-why-i-wouldnt-trust-google-cloud.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/content/entry/re-against-risk-based-authentication-or-why-i-wouldnt-trust-google-cloud.md b/content/entry/re-against-risk-based-authentication-or-why-i-wouldnt-trust-google-cloud.md
index e85ba9e..6773c77 100644
--- a/content/entry/re-against-risk-based-authentication-or-why-i-wouldnt-trust-google-cloud.md
+++ b/content/entry/re-against-risk-based-authentication-or-why-i-wouldnt-trust-google-cloud.md
@@ -3,7 +3,7 @@ title: "Re: Against risk-based authentication (or, why I wouldn't trust Google C
date: 2023-08-10T00:00:01
draft: false
---
-I found another [article](https://www.devever.net/~hl/logindenial "Against risk-based authentication (or, why I wouldn't trust Google Cloud)") written by Hugo Landau which discusses the unavailability of risk-based authentication (non-deterministic login). The article also points out how the login systems of many online services seem very poorly thought-out. For those who don't want to read the entire article, here's a short quote which captures the essence of Hugo's critique:
+I found another [article](https://www.devever.net/~hl/logindenial "Against risk-based authentication (or, why I wouldn't trust Google Cloud)") written by Hugo Landau which discusses the unavailability of risk-based authentication (non-deterministic login). For those who don't want to read the entire article, here's a short quote which captures the essence of Hugo's critique:
> "The problem is precisely this: The credentials you require to access a Google account are essentially indeterminate. Supposedly, for a simple Google account without 2FA enabled, knowledge of the account email and password should be sufficient to access an account; except sometimes, they aren't. Sometimes, Google might randomly decide your login attempt is suspicious, and demand you complete some additional verification step.
>