Hacker News

1090 readers

451 users here now

Posts from the RSS Feed of HackerNews.

The feed sometimes contains ads and posts that have been removed by the mod team at HN.

founded 6 months ago

MODERATORS

patrick@lemmy.bestiver.se

rssbot@lemmy.bestiver.se

2FA or Not 2FA (mikhailian.mova.org)

submitted 1 week ago by rssbot@lemmy.bestiver.se to c/hackernews@lemmy.bestiver.se

9 comments fedilink hide all child comments

Comments

you are viewing a single comment's thread
view the rest of the comments

[–] rumschlumpel@feddit.org 1 points 1 week ago* (last edited 1 week ago) (4 children)

I'd be more inclined to use 2FA if the second factor wasn't usually a mobile phone, which can easily (much more easily than a laptop or desktop pc) be lost, be stolen or break, is harder to repair, and generally running software that is far more insecure than what is running on my PCs, especially if you get into the specifics of how that 2FA works - SMS isn't secure, and authenticator apps generally require the official app store (Google or Apple), i.e. they don't work well on something like LineageOS or GrapheneOS.

You can probably use something like Yubikey or a more privacy-friendly authenticator app on Github, but many other services won't give options like that.

[–] MoonMelon@lemmy.ml 2 points 1 week ago

I keep thinking I should get a hardware key but then the cost, potential incompatibility, and my own confusion over all the options always stops me. But I have also had phones just randomly not turn on one day, so the current solution is a file folder full of OTPs. Sucks.

load more comments (3 replies)