• Otome-chan@kbin.social
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    No offense to companies but I’m honestly sick of companies forcing 2fa. Every single one seems to have a different shitty way of doing it. Like why on earth do I need two different authenticator apps on my phone (authy&google authenticator)? Some do sms/phone number, but then yell at you and prevent you from doing 2fa if you have a “bad phone number”. This happened on discord where I’m locked out of certain servers because I can’t do phone verification, and I can’t do it because discord doesn’t like my phone number. Twitter was the same way for a long while (couldn’t do 2fa/phone verification due to them not liking my number).

    From the article it sounds like they’re doing authenticator app or sms. I’m guessing sms won’t work for me, so app it is. I decided to dig to see which authenticator app they use and they list: 1password, authy, lastpass, and microsoft… no google?

    Honestly, even email requirements for accounts is annoying because you know it just ends up spamming you. is the future where we’re gonna have to have 30 different authenticator apps on our phone?

    • library_napper@monyet.cc
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Anyone who claims they’re doing OTPs over SMS for “security” ia lying to you. Discord wants your phone number; it has nothing to do with your security

      • Otome-chan@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        there’s quite a lot of services that want phone for verification/2fa/whatever. whenever I run into them I usually just refuse to use the service altogether.

    • SkaveRat@discuss.tchncs.de
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Like why on earth do I need two different authenticator apps on my phone (authy&google authenticator)?

      you… don’t?

      Both of these implement exactly the same protocol (TOTP). Used authy for all my Top Of The Pops Time-based one-time password needs exclusively, before moving everything to bitwarden