I’m not going to use digital currency or a digital ID so that I’m protected from myself.
I am so fucking tired of entering a password, then a code I got by by text, so I can set up an authentication app and register my physical auth key. Why can’t I just use a different strong password for each service, same as I have for the last 30 years without getting hacked.
You should be allowed to opt out of this bullshit if your password entropy is high enough.
The point of 2FA isn’t that if your password is weak it saves you. The point is if your password gets leaked somehow (you accidentally enter it on a fake site, the site gets compromised, someone looks over your shoulder), they still can’t enter without the 2FA. I hate SMS 2FA (it’s not even secure) and sites that make you go through 3 steps for some reason, but the 6 digit code ones really aren’t that big of a deal, you just whip out your phone and open an app.
the 6 digit code ones really aren’t that big of a deal, you just whip out your phone and open an app
Until you’re in tough times financially and your phone company cuts you off, permanently locking you out of every account with SMS 2FA! This actually happened to me, and there was nothing I could do about it, unlike phishing and shoulder surfing, which are easily within my power to prevent.
Realistically it’s not feasible to set up separate systems for separate levels of tech knowledge and expect it to not be abused.
Yes, it’s more of a hassle to do proper 2FA, but it helps the grannies of the world not be scammed out of their life savings, ultimately enabling greater digitalisation, which I find extremely helpful.
I am so fucking tired of entering a password, then a code I got by by text, so I can set up an authentication app and register my physical auth key. Why can’t I just use a different strong password for each service, same as I have for the last 30 years without getting hacked.
You should be allowed to opt out of this bullshit if your password entropy is high enough.
The point of 2FA isn’t that if your password is weak it saves you. The point is if your password gets leaked somehow (you accidentally enter it on a fake site, the site gets compromised, someone looks over your shoulder), they still can’t enter without the 2FA. I hate SMS 2FA (it’s not even secure) and sites that make you go through 3 steps for some reason, but the 6 digit code ones really aren’t that big of a deal, you just whip out your phone and open an app.
Until you’re in tough times financially and your phone company cuts you off, permanently locking you out of every account with SMS 2FA! This actually happened to me, and there was nothing I could do about it, unlike phishing and shoulder surfing, which are easily within my power to prevent.
Realistically it’s not feasible to set up separate systems for separate levels of tech knowledge and expect it to not be abused.
Yes, it’s more of a hassle to do proper 2FA, but it helps the grannies of the world not be scammed out of their life savings, ultimately enabling greater digitalisation, which I find extremely helpful.