2FA question

submitted by soyboy77 from self.privacy

Any chance saidit will implement 2FA (app authenticator, not sms) sign in at some point?

all 5 comments
sorted by:
top
newinsightfulfun

[–]IvoryHoward 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Protectimus' hardware tokens https://www.protectimus.com/ are physical devices capable of generating one-time passwords. You can add an extra layer of security to your online accounts, systems, and apps by using one of these tokens. They are frequently used in situations calling for a very high degree of security.

[–]Anon1 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (3 children)

As long as it isn't mandatory. 2FA (especially SMS/biometric) is a horrible idea for privacy.

[–]soyboy77[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

How so? Genuinely interested.

[–]Anon1 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (1 child)

Authenticator is the best option if using 2FA.

https://nordvpn.com/blog/sms-two-factor-authentication-puts-your-privacy-at-risk/

https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin

https://www.cnet.com/how-to/do-you-use-sms-for-two-factor-authentication-heres-why-you-shouldnt/

[–]soyboy77[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (0 children)

Yeah, I'm aware of of the danger of sms 2fa. It's how McAfee's twitter got hacked. That's why I specifically stated authenticator not sms. Good links though, more people should be made aware of the fact that sms 2fa sucks.

https://www.bbc.com/news/amp/technology-42502770

https://www.cnet.com/google-amp/news/two-factor-authentication-isnt-as-secure-as-you-might-expect-world-password-day/

The takeaway is that authenticator 2fa is still better than password alone...