#security 2 hashtags

I am currently looking at hardware tokens for multi factor authentication, such as #Yubikey. I am not sure what's the state-of-the-art in that area, does anyone have any suggestions to read up upon and decent alternatives to yubikey? #MFA #2FA #security #SecOps

Genuine question: what threat model does the "app locking via screenlock" on many #Android apps like #Signal, #Nextcloud #Talk and many other apps follow?

I can hardly make up a scenario where some adversary gets their hands on my unlocked phone and then fails to unlock apps that are locked with the same password/pin as the lock screen itself.

Anyone with further insights? #security #privacy