Latte macchiato 
Begging Steam to stop with their shitass mobile app 2FA and just let me use TOTP + Passkey
Kevin Karhan 
@kkarhan also why would you refuse the most basic security measure lol
TOTP is a perfectly open standard
TOTP is a perfectly open standard
@privateger because #TOTP & #HOTP require to have more or less precise time.
- And that's way more hassle on an #offline / #airgapped device...
[English] Pfandleiher on... The offline-pgp-method and why Encrochat, SKY ECC and ANON are failing.
@kkarhan bro, what
φ407-312-241 «Izzie» 
@kkarhan @privateger I thought HOTP is time independent? /gq
@izzie @privateger really?
Okay then I mixed that up...
@kkarhan @privateger AfaIk, HTOP is basically a counter over hashes? It’s time independent but you can’t have a shared HOTP seed since you’d skew the counter and get desynchronised.
@kkarhan @privateger basically you can’t share a HOTP over multiple devices without synchronising the counter which would be online again and thus defeating the purpose.
@izzie @privateger precisely that is the problem!
@kkarhan @privateger it works fine if you’re okay with having your HOTP in a single place or otherwise keeping track of the counter across multiple sessions.
@izzie @privateger which isn't an option for me tho.
@kkarhan @privateger of course (although that is completely besides the point of the general statement above)
@kkarhan @privateger Also admittedly, HTOP is rarely implemented nowadays. And besides kioubit (a dn42 AS) I don’t know any other services that let you use pgp for mfa
@kkarhan @privateger for the standard “what is 2fa and can I eat it?” user, TOTP is the best option because most people have their TOTP on a phone that has a very precise track of time at most times.