tbh this might be a good thing (not talking about amazon)
- as it normalizes MFA/2FA/TOTP
- which would help increase adoption
- and therefore it would increase users' security hygiene
- which would help increase adoption
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
tbh this might be a good thing (not talking about amazon)
2FA is cool for things that are important, like my bank account, or probably my AWS account. We don't need it for everything and it's pretty annoying when rinky dink little websites force it on us.
of course👍
the sites that would benefit users the most from implementing these would be those that retains user sensitive information:
What is sns?
ah that's my bad that's probably an accidental Koreanism
Rinky dink little websites should use federated logins, imo.
Like Discus, Facebook, or Google? The problem with that is then you have another big ass company tracking everything you're signed up to and selling your data.
It says in the article that this won't apply to org member accounts yet, but I wonder how it'll work eventually. Member accounts created via account factory don't even have a password, so you have to go through email account recovery to set one and then set up MFA. If this only applies to root users with passwords, that's fine, otherwise I hope account factory will get a way to set up PW/MFA on a generated root user.