@mathiasekstedt suggested that we have multi-factor authentication represented via requiring all of the Credentials associated with an Identity to be compromised in order to assume it. This solution includes removing the old static defence.
This solution gives us a lot of flexibility in modelling attacks targeting the tokens. It also addresses #50.
@mathiasekstedt suggested that we have multi-factor authentication represented via requiring all of the Credentials associated with an Identity to be compromised in order to assume it. This solution includes removing the old static defence.
This solution gives us a lot of flexibility in modelling attacks targeting the tokens. It also addresses #50.