oscarsclaws 
s0 Is Not A SysadminMy bank just emailed me to say that because I haven’t used my two factor auth recently (they only require it for specific actions), they’re disabling it on my account.
What kind of a batshit security posture is that?!!
Mike [SEC=OFFICIAL]@s0 if it leads to fewer support calls, it's gotta be good
Woozle Hypertwin
Bit Regurgitator@s0 (slow clap)
JP
Deborah Pickett@s0 This is MyGov levels of Can’t Computer.
Edit: No, it isn't, because MyGov can at least do TOTP now.
Neko 
VirtualWolf@neko @futzle I did this super-hacky thing ages ago to get the TOTP out of their shitty app and into 1Password.
...huh, that being said I just logged in and have a message under the "Security Actions" section:
The myGov Code Generator app is being retired, set up another sign in option.
And when you continue with that it actually gives you the option to use a bog-standard TOTP authenticator setup!
You probably have me to thank for that. Every gods-damn time I've needed to log in to The Australian Government System it's been a case of "Your medicare sign-in ID is now an australia.gov.au ID, go set one up here" "oh your australia.gov.au ID is now becoming my.gov.au", they are addicted to changing login methods up to annoy me, specifically
I love this, so I@s0 lol that’s fucking amazing
ghosts in the silicon ▒
Ari Sovijärvi@s0 This seems like the logic where they realised 2FA is a lost cause for an average non-technical person and they try to pre-emptively solve all the login issue tickets by applying a fix like this.
matlag@s0 And if you still don't do anything, they'll give access to your account to 13 random people?
@matlag only if they know my mother’s maiden name, of course (my mother never changed her name and is an easily googled public figure)
Syl (Sylvia Bun) :enby_inside: 
@s0 Sadly I've seen worse. Had an account that wouldn't let me log in without e-mail verification, despite acknowledging I had two factor authentication, because it couldn't verify that the two factor authentication was secure.
It's because they only "approved" of Google Auth and I used Ente Auth, so they treated my two factor auth as invalid.
It's because they only "approved" of Google Auth and I used Ente Auth, so they treated my two factor auth as invalid.
yuki - queen of the snow
gürkan �’ :catlong_head_left::catlong_h::catlong_end_right:
sockke
Deborah Preuss, pcc@s0 @JoBlakely bank-internal austerity theatre? "Look, we saved all those 2FA calls!" (that weren't being made, anyway) 😵💫 What?!
Jo - pièce de résistance@JoBlakely @deborahh not this one. It’s TOTP 2FA. Which they’re paying way too much to Symantec for
@JoBlakely @deborahh and IMO my bank should have my phone number
I AM BANKSY ☕ / 🗑🔥@s0 weird. Our approach was "enable 2FA or we disable your account"
Dane 🌎🖖✌️☮️⚛️☸️🕉️
Schroedingers_Cat@s0 Ridiculous. I think 2FA may well reduce the number of times you use those features that require it - which is a positive development. It makes you think twice. So I would consider that a significant reduction in use is a positive.
Removing it for any reason (without your say-so) is bonkers.
Hubert Figuière@s0 mine decided to send me 2FA SMS without even asking if the number was still valid.
[Yaseenist] CauseOfBSOD@s0 your bank doesnt enforce 2fa?