• Bytemeister@lemmy.world
    link
    fedilink
    Ελληνικά
    arrow-up
    1
    arrow-down
    2
    ·
    5 months ago

    No 2FA on an account these days is like having a fucking bead curtain for a front door.

    • AlotOfReading@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      The security level should be the user’s choice. Maybe I don’t care if my neopets account is hacked. Maybe the 2fa offered actually decreases security, like the SMS 2FA required by my 401k account that can be used as the sole recovery factor, bypassing the password. Maybe I’m accessing from a system configuration that makes 2fa really annoying, like a build system running inside a fresh VM on every run.

      The service doesn’t have the context necessary to know when 2FA is warranted.