Hacker News new | ask | show | jobs
by CGMthrowaway 355 days ago
How does this work when you need a phone for 2fa?
4 comments
AdieuToLogic 355 days ago
> How does this work when you need a phone for 2fa?

See the stipulation of:

  on an off day, with no reason to require phone use
If you "need a phone for 2fa" then that qualifies as a "reason to require phone use."
link
ecb_penguin 355 days ago
You work around it

1. Get a hardware token

2. Install a TOTP desktop client

3. Only use the phone for 2FA

4. You understand the spirit of the exercise and don't get bogged down by silly rules.

link
AdieuToLogic 355 days ago
> How does this work when you need a phone for 2fa?

Just out of curiosity, suppose you are not on-call for work and it is an observed holiday. Do you foresee the need for two factor authentication for non-work activities?

In other words, is 2fa a requirement for daily life?

link
eCa 355 days ago
One example would be Github for personal projects. There are several other use cases where the phone is a factor for logging into services.
link
em500 355 days ago
Git pull a day before, git push a day later? Have we forgotten to do anything without a persistent internet connection 24/7? Or why we'd use a distributed version control system in the first place.
link
0x457 355 days ago
We also conditioned to make small feature branches. Even my hobby projects force me to go through PR process.
link
eCa 355 days ago
It was an example of a use case familiar to many here. Some people use Github for more than just git.
link
LeafItAlone 355 days ago
>In other words, is 2fa a requirement for daily life?

I never stay logged into accounts in browsers on my personal devices. And work requires daily auto. So in general if I need to do anything with any accounts, I need 2fa access. And for the phone apps I do stay logged in to, well, they are on my phone.

link
timerol 355 days ago
Level 4 is going into the office for a day, so anyone requiring 2fa at work cannot pass that point
link
ecb_penguin 355 days ago
There's no need to overcomplicate a silly exercise with rigid rules.

Focus on the intent of the exercise. If you really mentally cannot get past 2FA, then get a hardware token, or a TOTP client on your desktop. Lots of solutions if this is really the hangup.

link
rrr_oh_man 355 days ago
1Password?
link