This Week I Learned: Mutual Human Authentication [2022–03–18]

It’s an idea for multi-factor authentication: send someone a link to the text (or whatever) you’re sending them, and when they click it you get a notification asking for your approval. Only if you approve do they get the info.

That’s an interesting take on the problem. If you get a request that is in some way unexpected then you can just say no or ignore it. To let out the secret, the request has to seem legit to another human. I assume that they send supporting info such as who is logged in and requesting access, when they requested and roughly where they appear to be.

One effect is that sending out a link to secret info can be done in a much more cavalier fashion since you yourself have to take a second action later before it is actually released.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Peter Brownlow

Peter Brownlow

18 Followers

Software builder, people manager, technical deep-dive enthusiast