by TacticalCoder 1684 days ago
> The whole point of 2FA is to have "2" independent pieces of data to verify logins. Gating 2FA behind a single password defeats the point.

Indeed.

It's also why I think U2F should be mandatory in way more places/sites/companies (it is in some, thankfully): you then need to physically have a Yubikey or similar and it's not possible anymore to trade security for convenience. It doesn't solve all security issues, but it's already a great step forward.

When you let people have the choice, they'll pick the lazy, insecure way.