|
|
|
|
|
|
by jakear
2536 days ago
|
|
|
> I’m increasingly convinced we’d all be safer if the password was the second, optional factor. Yes! Why can I not always login via an emailed token, secured by a TOTP? It would set a cookie, so no different in UX once you’re in, and that’s the normal “forgot password” flow, so no different in terms of security. But it would remove the need for me to constantly be opening up various password generation toolkits and resetting passwords and etc. |
|
|