|
|
|
|
|
|
by igetspam
1096 days ago
|
|
|
None of this is true. It doesn't encourage password reuse but it does protect against it. I've also never found a single site that wouldn't let me reset MFA, even if the support process was painful and slow. FWIW, password reuse with MFA is not actually that much of a problem any more. Neither is rotation (which was show to be a net negative). There's a whole set of NIST guidelines on the topic. |
|
|
It's pretty common to read about people fully losing access to their Google accounts and often only regaining it by using internal contacts at the company (or being shit out of luck). I don't think even supporters of 2FA can discount how difficult (or impossible) it can be to regain access to 2FA accounts for certain providers.