Strictly speaking 
2FA is :- 
1) something you know 
2) Something you have

Doesn't matter where they come from ??


Sent from my iPad

> On 12 Jun 2018, at 14:00, Roy Brown <[log in to unmask]> wrote:
> 
> In message <[log in to unmask]>, Mark Ranft <[log in to unmask]> writes
>> I don't claim to be an expert.  (Well maybe I am pretty good.) But if you
>> set up Security 3000 to ask you for a series of questions, like your dog's
>> birthday, instead of just a second password. I am pretty certain that
>> qualifies as two factor authentication.  Wikipedia defines it as:
>> Two-factor authentication (also known as 2FA) is a type (subset) of
>> multi-factor authentication. It is a method of confirming a user's claimed
>> identity by utilizing a combination of two different factors: 1) something
>> they know, 2) something they have, or 3) something they are.
>> 
>> And you are correct.  Most HP 3000 systems had poor security. Vladimir made
>> a living visiting companies and selling them Security/3000 and the rest of
>> the VeSoft suite by breaking in. I would always enjoy my visits with Vlad.
>> After a few visits, I learned enough that he was no longer able to break
>> into my systems. But then there were some backdoor ways to get PM
>> capability.
>> 
>> Mark Ranft
>> Pro 3K
> 
> If two-factor is two of the three things above, then asking two things you know is still only one-factor, albeit twice.
> 
> Roy
> -- 
> Roy Brown        'Have nothing in your houses that you do not know to be
> Kelmscott Ltd     useful, or believe to be beautiful'  William Morris
> 
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *