by rektide 1550 days ago
I'm still looking forward to 2fa devices that can be backed up or copied or otherwise actively replicated.

I feel like this would make a lot of people very mad. It's probably against spec for a number of protocols. The purpose seems like it's to build a single, trusted system that we have absolute physical control of.

But Matt's dead on here. I'm far more interested in how we cope with the out of control situations. Building a token we trust totally, but then having to ad-hoc reinvent a dozen-odd recovery schemes on top of that - something there doesn't appear to be any standards for - makes me feel like this is an out of touch, logically-bankrupt security regime we're trying to foist on the world. The idea of security is so appealing, so compelling, that we've secured ourselves into an untenable position.

As a side note,

> The question for me is not: what do I do in case my phone runs out of battery.

I really enjoy the image this popped into my head, of not storing backup house keys somewhere outside, but a backup USB charger somewhere outside the house, or magnetically attached to under your car: so you can get home & charge your phone to let yourself in, or get to your car & charge your phone to get in the car. Maybe the charge-port in cars - which we recently learned this week isn't cryptographically secured - should have a modest rate USB charger out (log into the app to unlock higher-rate power-delivery).

3 comments

> makes me feel like this is an out of touch, logically-bankrupt security regime we're trying to foist on the world

This seems like a recurring theme. Other examples:

* default app sandboxes that don't let desktop apps see your home directory or talk to other apps

* browsers locking people out of websites with self-signed SSL certificates, while completely unencrypted websites get a pass

* Bitcoin / "smart" contracts which remove the possibility of human intervention when a transaction goes wrong

* The perennial insistence that using 'sudo' for everything is not just safer against mistakes but actually more secure than just running as root - as though an attacker gaining access to a sudo-enabled account wouldn't result in immediate pwnage anyway

* Having to take our shoes off in airports

> I'm still looking forward to 2fa devices that can be backed up or copied or otherwise actively replicated.

I use a 2fa authenticator with cloud backup for this reason. I know it introduces an additional single point of failure... but I feel like the increased possibility of being hacked is outweighed by the decreased possibility of me locking myself out of absolutely everything through my own human error.

The ability to copy 2FA enables a big attack — elevating brief access into permanent. Someone borrows your phone for a minute and after that has permanent access.

I think the best we can do is to have 2FA that can't be copied and recovery that's difficult to reach for an attacker. Google suggested using an app on the phone for 2FA and a piece of paper for recovery.