[nocsi]

So this automatically degrades 2-factor to… 1 factor again. The security model doesn’t instill a lot of confidence in me, being that you expect user-interaction as a means of security. It’s already bad enough people are tying their OTP with their credentials in password managers…

[apugoneappu]

It’s still 2 factor, just that a few permitted people have access to the one time password. It’s identical to manually sharing the OTP, just automated.

> The security model doesn’t instill a lot of confidence in me, being that you expect user-interaction as a means of security.

Could you please elaborate on what this means?

[jafjaf]

they are describing a trend where security is omitted or skipped because it’s inconvenient. even though OTP is used to increase security, it’s inconvenient for people so they go around it like this.