[ziddoap]

My average 2FA experience when setting it up for the companies I consult for is.

Enter credentials -> receive push notification and press "yes" -> login.

They wrote #2 to be purposefully long and convoluted. "Copy/paste code" is somehow 5 steps, with a waiting period? We really needed to detail out "switch app" as 2 steps? Come on.

As another example:

If you were to give directions to someone on how to get to your house, do you say: "Turn right at XYZ street, follow that up to ABC street and take a left, last house on the right"

Or do you say

"When you are 50ft from XYZ street, press on the brake pedal. When you get to the corner, turn the steering wheel to the right, hand over hand, then get the car straight again, press your accelerator, approach the speed limit, check mirrors every 20 seconds [...]".

Both are true. One is unnecessarily detailed to make it seem more complicated than it is.

[mvkel]

Push notification from what? Another app? How'd you get that app?

Imagine needing two apps to login to one app

[ziddoap]

Oh please.

Do I need to go back and explain how the computer chip is made and what transistors are, too?

Or maybe we start at the part where you have to find a store to purchase a phone, and walk through that process?