this post was submitted on 25 Oct 2024
-4 points (46.7% liked)
Games
16788 readers
661 users here now
Video game news oriented community. No NanoUFO is not a bot :)
Posts.
- News oriented content (general reviews, previews or retrospectives allowed).
- Broad discussion posts (preferably not only about a specific game).
- No humor/memes etc..
- No affiliate links
- No advertising.
- No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
- No self promotion.
- No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
- No politics.
Comments.
- No personal attacks.
- Obey instance rules.
- No low effort comments(one or two words, emoji etc..)
- Please use spoiler tags for spoilers.
My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.
Other communities:
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't think that the problem is 2FA itself so much as poor UX on existing systems.
Let's say that I have a little USB keychain dongle in my pocket with an "approve" button and a tiny screen. When I sign in, at the time that I plug my password in, I plug the dongle in. It shows the information for whom I am approving authentication. I push the "approve" button.
It's got a trusted display (unlike a smartcard, so that a point-of-sale system can't claim that I'm approving something other than what I am).
It can store multiple keys, and I basically use it for any credentials that I don't mind carrying with myself.
I then keep another, "higher security" dongle at home with more-sensitive keys.
Does that add some overhead relative to just entering my password? Yeah. But is it a big deal? No. And it makes it a lot harder for someone to swipe credentials.
I agree that using phone-linked SMS 2FA authentication is problematic (for a number of reasons, not just because it locks you to a phone, but because there are also privacy implications there).
Noted :)