Joshua Small
I am being daft or does Claude really only give "magic link" sign up options?
Feb 18 at 3:37amWeb
Show threadJoshua SmallFeb 18
Apparently not wtf
Show threadRoyce WilliamsFeb 18
@jsmall Yeah, why would someone want to make sure that if their email box got pwned that all of their LLM context was still safe? 😐
Show threadRoyce WilliamsFeb 18

The fact that Anthropic closed (as a WONTFIX) this request for adding TOTP to the Claude email magic link flow, locking the thread with no commentary ... speaks volumes, unfortunately. I'm not getting strong "for the benefit of humanity" vibes.

Again, why would someone want to make sure that if their email box got pwned ... all of their LLM context was still safe? 😐️

https://github.com/anthropics/claude-code/issues/12480

Auth: Add 2FA requirement to magic link login flow · Issue #12480 · anthropics/claude-code

Summary Add 2FA (TOTP) verification requirement to magic link login when users have mfaPreference.twoFA enabled, matching the security of password login. Current Behavior Password login (post-login...

GitHub
Show threadRoyce WilliamsFeb 18
Why not just make it opt-in?
Show threadPaul KhuongFeb 18
@tychotithonus @jsmall You can use a google account. I believe enterprise has SSO.
Show threadRoyce WilliamsFeb 18

@pkhuong @jsmall

Ah, sure. My reply to that, as always, is:

https://sso.tax/

The SSO Wall of Shame

A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.

The SSO Wall of Shame