this post was submitted on 26 Jun 2024
304 points (95.8% liked)

Cybersecurity - Memes

2004 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] udon 7 points 5 months ago (1 children)

I was all for it and even bought a USB dongle to make it super easy. Turns out this shit doesn't work anywhere. Fuck 2FA if nobody implements decent mechanisms.

[–] jj4211 6 points 5 months ago* (last edited 5 months ago) (1 children)

Basically, you have:

  • TOTP - no particular investment needed, so very popular, but a bit onerous
  • Various MFA vendors that tie into their cloud services. I hate these since it means I generally have to get additional apps, with uneven platform support
  • Webauthn/Passkey - Cool, integration with my phone, a Fido usb key, windows hello if applicable, no need for external service, uses asymmetric encryption so it's not shared secret and it's more convenient.... Almost no one bothers to implement it for their service though, despite it being pretty damn easy.
[–] [email protected] 1 points 5 months ago

I use Dashlane... It just handles all the user side of all of those for me, covering 2FA with the app/passkey nicely.