mccAs I awoke this morning from uneasy dreams I found that Google had replaced my authenticator app with an anus drawn by Kurt Vonnegut
…wait I'm sorry, fucking *what*? "back up your authenticator codes to the cloud"?! Isn't it *literally* no longer 2FA then? Like at that point the test the authenticator performs isn't "do you have the physical device" it's "do you have access to the Google account". Why not use a Google password manager and skip the authenticator?!
rain 🌦️@mcc Cloud backups for TOTP are table stakes these days (the availability loss is unacceptable for most people, too many people have been completely locked out from their accounts due to Google authenticator). As long as they're e2ee they're fine
@mcc This is a good post about how one-timeness is more important than 2fa for most people: https://blog.1password.com/totp-for-1password-users/
