From 1b154580f7c97c2d4abe1008a35796a3de6feff9 Mon Sep 17 00:00:00 2001 From: Eileen Wagner Date: Fri, 6 Dec 2024 11:53:09 +0100 Subject: [PATCH] Update QR code Added ways for bad actors to use QR codes --- patterns/QR-code-verification/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/patterns/QR-code-verification/index.md b/patterns/QR-code-verification/index.md index 31eb377..214fd07 100644 --- a/patterns/QR-code-verification/index.md +++ b/patterns/QR-code-verification/index.md @@ -41,7 +41,9 @@ Allow users to load the QR code as an image in case their camera is broken or un ### Potential Problems with QR Code Verification -Long pass phrases (such as a [mnemonic code](https://en.wikipedia.org/wiki/Mnemonic)) is more complex than showing and scanning a QR code or importing a backup file. However, these long phrases may be useful instead of QR codes in low-bandwidth scenarios where image uploading is costly or time consuming. If used instead of a QR Code, mnemonic phrases should be translated into the user's native language. +- For better or worse, the COVID-19 pandemic has introduced QR codes at a very large scale. Most people understand the basic interaction with a QR code; but it has also taught a rather non-chalant attitude with scanning any QR code one comes across. Beware of bad actors putting QR code stickers for phishing attempts and more - best to protect your QR in some fashion, and always add a visual brand close to it so people know they can trust it. +- Keep in mind that anyone can take a picture of your QR code and use it later. +- Long pass phrases (such as a [mnemonic code](https://en.wikipedia.org/wiki/Mnemonic)) is more complex than showing and scanning a QR code or importing a backup file. However, these long phrases may be useful instead of QR codes in low-bandwidth scenarios where image uploading is costly or time consuming. If used instead of a QR Code, mnemonic phrases should be translated into the user's native language. ### The Take Away