mccMay 25, 2023
As I awoke this morning from uneasy dreams I found that Google had replaced my authenticator app with an anus drawn by Kurt Vonnegut
Show threadmccMay 25, 2023
…wait I'm sorry, fucking *what*? "back up your authenticator codes to the cloud"?! Isn't it *literally* no longer 2FA then? Like at that point the test the authenticator performs isn't "do you have the physical device" it's "do you have access to the Google account". Why not use a Google password manager and skip the authenticator?!
Show threadLeah NeukirchenMay 25, 2023
@mcc but it's terrible UX in times when phones randomly die or get lost.
Show threadCassandrichMay 25, 2023
@leah @mcc They're finally discovering that 2FA is bad UX and inaccessible to folks for whom stable possession of objects isn't a given.
Show threadCarlos Solís
My current workaround? Self-hosting an instance of Vaultwarden, so I can just log into another website that is under my direct control and get the 2FA from there
May 25, 2023 at 3:55pmWeb
Show threadCarlos SolísMay 25, 2023
Of course, the major problem here being “having enough ownership of things to be able to leave a computer on at home and accessible online”.