Blake PattersonI don't want to login with a code sent to my email.
I HAVE A FUCKING PASSWORD.
HOW ABOUT WE USE THAT????
#authenticantion #WTF #whatthefuck #password #login #twotier #codes #internet #staggeringlyshitty
And, it's not that I entered my password for this website and then it sent a code to make sure it's me; it did not allow me to use my password. It wanted username -- and done, code issued from its sever.
It never asked for my password.
Gregatron5@blakespot I’ve found sometimes there’s an incredibly tiny and hard to find “login with password” link on some sites that do that
pitz ☕@blakespot That's standard OTP authentication and I've seen many sites use that
@pitz Well, it's a horrible way to login.
Jonathan Polley@blakespot Or give me the ability to generate the code for myself.
I had one account where they didn’t automatically send the email verification, so it refused to send the verification code and didn’t tell me.
jon r@blakespot
Reminds me when PayPal allowed my coworker in, who only had the shared password, with an email to the shared inbox instead of needing to correctly enter a valid 2FA code.
Reminds me when PayPal allowed my coworker in, who only had the shared password, with an email to the shared inbox instead of needing to correctly enter a valid 2FA code.
yakkoj 🦊@blakespot this, or else, my dilemma:
>login with password.
>they send 2nd factor to email.
>obviously too cheap to hire people to work out how to make passkeys on Yubikeys work.
They do "support" passkeys, but it's tied to that web browser on that machine, and I need it more portable than that.
This is a bank. Wells Fargo. When even BANK OF AMERICA gets it more right (BoA at least supports my Yubikey as the second factor even though that's not passkey), you know you've failed.