Quote:
Use two-factor authentication on your servers
|
Isn't using publickey Authentication where your key has a pass{word,phrase} effectively a two-factor authentication method? You need too *have* the key, and *know* the password.
Popular tools like the Google Authenticator seem overly complex to me, not to mention that they seem to rely on an external service & a smartphone...