Comments (1)
@Aelisya thanks for the suggestion, however in the case of xBrowserSync MFA/2FA adds no extra security - I'll explain why.
Users in xBrowserSync are completely anonymous, i.e. there is no information that ties the data stored by the service (in the database on the server) to the real person that is the user. Because of this anonymity, when you log in to xBrowserSync, your login credentials are not to "identify" you like traditional service log ins, but to decrypt your sync data stored by the service and retrieved using the random sync ID generated for you when you first synced.
This is a superior approach to traditional services because it does not need to verify you are who you say you are, the system doesn't care who you are. The important thing is that you have the decryption key (i.e. your password) in order to decrypt the encrypted sync data.
Because of this, anyone can request/view your encrypted data, for example if they know your sync ID or even the service administrator (or a hacker) viewing the database on the server directly. However, they cannot possibly decrypt your data without your password, and none of the plain text data on the server reveals anything about you, this is an exampe of what they'll see:
{
"_id":Binary('cBFyJ5fnTRmhbym2N1+U3w=='),
"bookmarks":"DWCx6wR9ggPqPRrhU4O4oLN5P09oULX4Xt+ckxswtFNds...",
"lastAccessed":"2016-07-06T12:43:16.866Z"
"lastUpdated":"2016-07-06T12:43:16.866Z",
"version":"1.0.0"
}
I hope that explains adequately why you don't need MFA and therfore why xBrowserSync is possibly the most secure system you use! 😄
from api.
Related Issues (20)
- docker swarm - Can't find DB HOT 4
- Bunyan not found when starting service HOT 9
- Generating destructive operations in a device while creating data on another borks an ID HOT 1
- Allow multiple account (Sync ID) and selective folder to sync HOT 1
- xbrowsersync claims "Invalid credentials" HOT 4
- Can't make any sync IDs HOT 1
- How can an xBrowserSync host delete data that is no longer used? HOT 2
- [Docker images] Create a single user version who use sq-lite for storing.
- Feature request: Support Firefox keyword field HOT 1
- Other favorites and Other bookmarks not syncing between Edge and Chrome
- It is not accepting encryption id/ password
- node dist/api.js fails with "cannot find module bunyan" HOT 3
- Is dead? HOT 3
- mobile app does not work but windows chrome does HOT 2
- How do I change the synchronization interval
- C一下!今年这件卫衣很nice
- 肝了半个月,我整理出了这篇嵌入式开发学习学习路线+知识点梳理)
- Add Folder functionality?
- "err":{"message":"option usefindandmodify is not supported"
- Is there an option to limit new users? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api.