Replying to BTCFalk

Really bad take, as if those where the recommended FAs methods

Yes they are relatively easy to compromise and they don't protect your privacy...

*still a lot more secure then just a Password; especially because most people use bad passwords, also because most people don't really understand what makes a secure PW, the usual PW requirements and "security ratings" arn't sufficient to make a good PW

*2FA isn't ment for protecting your privacy, in most cases the privacy is lost in way before in 50 other ways, but i there are other 2FA ways that don't compromise you

The lower barrier to entry 2FA wich is safer and also more convenient is through Authenticator app

The next step would be a phisical security Key (for example a yubikey) witch is on a completely other level of Security and onece you got used to it convenience

The downside is it costs (between $25-110 depending on what features &form factor you need)

But on top of just using any form of 2FA anyone that doesn't already use a PW Manager would 100% benefit from starting to use one

For now the combination of a decent PWM and a 2FA Authentication App is probably sufficient for most people, would make they're online easier and a lot more secure, wile probably reduceing a lot of hacks and frauds

In the future it'll probably get worse, so a PWM for "passkeys" (a "new" form of "password" witch basically is a digital signature exchange) and a physical security key will be necessary, at least for high stakes things
Avatar
The Beave 1y ago

That only works for stuff that almost doesn't matter, and certainly doesn't matter to me.

Banks, the IRS, other dumb fedgov BS all use the crapiest forms of 2FA which all ties into KYC and are also not good from a technical standpoint. Plus, all 2FA requires a you to have a device attached to you and unless you go to really effing great lengths, you can be located by location tracking methods. It's just an awful system that shouldn't be used. Yes, I get that there are better ways to do it, but, they don't apply to use cases I'm most concerned about.

Reply to this note

Please Login to reply.

Discussion

0f
BTCFalk 1y ago

Oo yes, governmentts clearly aren't known for being up to dayt with technology (wile in connection with the population, military and spying is different)

But again, i don't think the 2FA is the weak link in the trackimg/privacy side of things

Especially when you're talking of government stuff like IRS or Banks, they have "all" the information on you anyway

Avatar
The Beave 1y ago

I assure you that they don't. 😎

But they do have enough to try to lock me up. 🤷‍♂️