0

Tests 2FA solution for login verification via google PAP module

I have read that this can be easily switched off via rescue mode. Is it possible to disable this solution in case someone has physical access to the machine. So that the 2FA is always active

Improve this question
1
  • 1
    Sure just use full-disk encryption with Secure Boot and TPM unlock.
    – Daniel B
    Commented Mar 4, 2023 at 13:01

1 Answer 1

Reset to default
0

If someone have physical access to machine he/she can do anything. AFAIK nothing can stop him/her to make the changes.

Improve this answer
6
  • which means that we have basically just debunked the myth of all these safeguards and appearances of being able to do something. in the end, all it takes is a backdoor and we can shove all these pseudo-security-solutions up our arses
    – Santa Monica
    Commented Mar 4, 2023 at 12:02
  • @SantaMonica, we talk about physical access, right?
    – Romeo Ninov
    Commented Mar 4, 2023 at 14:17
  • assuming that the new boards and cpu have a so-called "god mode" - amt etc it can be assumed that a potential hole or bad guy has "physical access too" in this way, am I wrong?
    – Santa Monica
    Commented Mar 4, 2023 at 14:50
  • @SantaMonica, can be. But I see too many if's :)
    – Romeo Ninov
    Commented Mar 4, 2023 at 15:09
  • so is there a solution or not?
    – Santa Monica
    Commented Mar 4, 2023 at 15:13

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .