mccMay 25, 2023
As I awoke this morning from uneasy dreams I found that Google had replaced my authenticator app with an anus drawn by Kurt Vonnegut
Show threadmccMay 25, 2023
…wait I'm sorry, fucking *what*? "back up your authenticator codes to the cloud"?! Isn't it *literally* no longer 2FA then? Like at that point the test the authenticator performs isn't "do you have the physical device" it's "do you have access to the Google account". Why not use a Google password manager and skip the authenticator?!
Show threadmccMay 25, 2023
Is the market for this feature people who are being forced by a job or policy to use authenticator 2FA but don't take it seriously?
Show threadwb x64May 25, 2023
@mcc yes
Show threadwb x64May 25, 2023
@mcc see also, people who use the 2fa feature of LastPass, and also how the most popular 2fa provider out there works, Authy.
Show threadMr LeastMay 26, 2023
@wilbr @mcc ... And Bitwarden
Show threadwb x64
@luskebux @mcc I give a slight pass to that because at least that's self hostable. It's not a real second factor but it's at least not putting all of your eggs in the same CLOUD SERVICES bucket THAT'S BEEN HACKED MULTIPLE TIMES RECENTLY
May 26, 2023 at 4:59amWeb