Users used to be able to click a check box called “remember me” which did not have to checked. This adds an extra level of security on shared PCs.
Here's an example:
Login to facebook. Enter mfa/2fa sms or totp code. _Don’t_ check the box to “remember me”. By not checking remember me, you would be logged out when you closed your browser. Upon the next login, you would not need to enter the mfa/2fa code again, as this machine is now remembered, you would only need to login. Or you could set the sites cookie’s to be removed when you close the browser by setting your browser to “forget session cookies” for that specific website. But doing these steps now have the effect of logging you out of the website, AND forgetting the 2fa/mfa authentication.
No comments:
Post a Comment