Technology Memes

You'll lose many more years if your accounts with sensitive content ever get compromised.

Every time I read comments on posts like these, it reaffirms to me how the average person does not give a shit about real security or is completely ignorant to how and why these extra safeguards are used. Lemmy, I would assume, has a higher than average tech knowledge amongst it's user base vs many other platforms, but the sentiment often that of, MFA and needing to login to a bunch of separate applications is too much work and the people that designed them don't know what they're doing. It's a bit disheartening.

A minor annoyance now to avoid a major headache later. Worth the trade

got hired by a new company. every fucking day I have to MFA to use the VPN. then I have to MFA to sign into email. Then MFA into tickets. MFA into confluence. MFA into git.

and then I have to do it all over again 4 hours later after lunch.

Oh you know your password? Fuck you. We’re sending an email to your second account and to verify that one we will text you.

The galaxy-brain move is to store the password in a password manager, and also have the same password manager store the TOTP. Finally, you set your password manager to unlock by biometric authentication

All of a sudden, you're set by just showing your fingerprint to the reader.

Well, maybe. You said years plural, so let's take just two years. 2 years * 365 days a year * 24 hours a day * 60 minutes an hour is 1,051,200 minutes in two years.

Let's say that every time you use 2FA it's an extra 2 minutes. How many times a day do you use 2FA? That's probably the biggest variable. For some people it's a couple times a week, for others it's several times a day. Let's say 5 times a day. We also need to know how long you've been using 2FA. That's going to be another big variable. Does 5 years seem reasonable? If so, 5 years * 5 times a day * 365 days a year * 2 minutes each time = 18,250 minutes wasted on 2FA.

That's a small fraction of the million minutes in two years, but it could change a lot depending on some of the variables.

But on the other side, if even one time the 2FA stopped you getting your account hacked, the calculation would change a lot.

Passkey

lost your password? time for a scavenger hunt!

There's lots of things that have two factor authentication that don't need it.

Drag's bank lets drag log in and see drag's balance with just a password, but drag needs to authenticate to transfer any money. That's perfect, drag loves it. Yet somehow, drag's library card and epic games account have more restrictive MFA requirements.

The MFAs using an authenticator are torture.

At work, I must to use it every day to open google docs or gmail.

Like with insurance, it's far more worth spending an extra 2.5 seconds on 2fa than it is spending regaining your stolen identity and (potentially) ruined reputation (unless it's text based 2fa)

That reminds me I've gotta change the authenticator for my luggage

I'm glad that a pizza place has higher MFA requirements than many banks. We've made good decisions as a society for that to be true.

they lost access to their account because of mfa or they just think it's a waste of time?