Comment on Help open the source of the myGov Code Generator app
fizzle@quokk.au 3 days agoI guess you’re right about 2fa seeds, but I do wonder why the play store isn’t awash with dodgy 2fa seed generators. I’m not naive enough to believe that everything from the play store is “secure” but do they do some kind of rudimentary screening?
CameronDev@programming.dev 3 days ago
There are a lot of tfa apps in the store, and search does seem to surface the brand name ones first, but there are a few no-name ones as well:
play.google.com/store/apps/details?id=twofa.accou… play.google.com/store/apps/details?id=com.authent…
I don’t know that they are legit or not, but they exist.
I suspect if someone wanted to do this, they would use a fraudulent ad campaign to sent people directly to the store, rather than hope for the playstore search to find people.
And based on my experience with Google, they do fuck all screening, it’s mostly just checks to ensure you have a privacy policy, no checks that the policy is actually followed…