alt Hacker NewsFwiw, Symantec VIP is TOTP under the hood, and you can extract the seed with some hackery. There is at least one financial institution in the US that uses that.
Replies
unethical_ban • 05/14/2025
USAA. Better than nothing, but since it doesn't do push notifications it's a needlessly proprietary piece. It's probably a combination of legal and a slow IT infrastructure.
Charles Schwab uses this. I was able to extract the TOTP secret during the set up process to use in my preferred auth app.