technology

23383 readers

297 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.

founded 4 years ago

MODERATORS

context@hexbear.net

EmmaGoldman@hexbear.net

SexUnderSocialism@hexbear.net

gaycomputeruser@hexbear.net

ZoomeristLeninist@hexbear.net

103

I hate 2FA Hell (hexbear.net)

submitted 1 day ago by BeamBrain@hexbear.net to c/technology@hexbear.net

45 comments fedilink hide all child comments

Installed Steam on a new computer. Signed in. It sent a passcode to my GMail. I signed into GMail. It wanted me to 2FA because I hadn't signed into Google on that device. It sent a notification to my phone, which I never received. I had it resend the notification twice, still nothing. Tried again with my phone's offline passcodes. Neither worked. Tried the QR code/Bluetooth connection, and that finally did it.

At least I got through in the end, but fuck, it's annoying.

you are viewing a single comment's thread
view the rest of the comments

[–] hello_hello@hexbear.net 10 points 1 day ago* (last edited 1 day ago) (2 children)

I don't use 2FA on anything that doesn't force it, garbage security theater because people don't use password managers or use the same passwords for everything.

I don't know what hurts more: People who don't use Ublock Origin or people who don't use a password manager. Such simple tools that eliminate 99% of the bs.

[–] quarrk@hexbear.net 6 points 1 day ago (1 children)

Security theater is an overstatement. If your password manager has a data breach (which happened a couple years ago with LastPass) then 2FA offers an extra layer of protection. E.g. if hackers get your email password, and it’s short enough to be decrypted, then 2FA would save you. Of course a longer password makes 2FA less necessary, but redundancy doesn’t really hurt anything

[–] hello_hello@hexbear.net 3 points 1 day ago (1 children)

which happened a couple years ago with LastPass

That's the thing, I use KeepassXC which is a local-only libre password manager. So someone would need physical access to my machine in order to copy the encrypted password database file. I'm the only one responsible for syncing the file across my devices.

Why someone would trust a proprietary always-online password manager that requires personal information and probably has ties to the Zionist entity is beyond me.

[–] quarrk@hexbear.net 3 points 1 day ago

Like most things, it’s a balance between security, convenience, and reliability. A local password manager is a great option and I’m glad it exists, but I wouldn’t recommend it for everyone. If your password manager is locally stored and you have a hardware failure (say, you live in Asheville and your hard drive is underwater with your house) then you’re completely screwed. A cloud option is a bit more disaster proof because those services typically have mitigation plans to prevent that kind of disaster. Plus you have the convenience of device agnostic passwords.

[–] foxontherocks@hexbear.net 6 points 1 day ago

i don't want to use a password manager. i want to record all of my passwords in a book after encoding them as rebus puzzles.