Why phone 2fa is useless and just wastes your time
-
K4sum1
- Lazy Owner
- Posts: 883
- Joined: 11 Jan 2021, 07:40
- Location: ur dads house
- OS: Windows 8.1 x64
- Has thanked: 549 times
- Been thanked: 249 times
- Contact:
Why phone 2fa is useless and just wastes your time
Many services and people will suggest to use phone 2fa to "improve security", however most of the time it does nothing except waste your time. Even if a hacker gets your password, most services worth hacking already have a form of email 2fa where they email you a code if a new computer or IP logs into your account. Discord, Steam, Google, etc all have this yet want you to use 2fa with your phone. Your phone is no more secure than email, and can be less secure in some cases. 2fa also does nothing if your authentication cookie or token gets stolen, which is what most account stealers target. There is no practical way to defend against such an attack, no amount of x factor authentication will help. I'm tired of this "2fa is more secure" bullshit that is being pushed upon us.
I don't know what I'm doing hit album by Brad Sucks
Why phone 2fa is useless and just wastes your time
TOTP is good, just no good PC clients (Bitwarden and Proton Pass supports it if you pay) and I hate having to check the phone I soon won't even have.
Proprietary bullshit like Steam/Battle.net's can fuck off and SMSing a code even more so since it's completely insecure, harvests the phone number and yeah. Some even lock TOTP behind a phone like the complete retards they are like Battle,net and Twitch.
Proprietary bullshit like Steam/Battle.net's can fuck off and SMSing a code even more so since it's completely insecure, harvests the phone number and yeah. Some even lock TOTP behind a phone like the complete retards they are like Battle,net and Twitch.
Who is online
Users browsing this forum: No registered users and 10 guests