Autor: Simon Data: A: dng Assumpte: Re: [DNG] [OT] Twitch and 2FA (TOTP)
Bernard Rosset via Dng <dng@???> wrote:
> Something very important is implied there, and probably only a few will notice it: there is a requirement for a smartphone.
In general, it’s also possible to do 2FA using applications on a desktop.
But, what I don’t like is the assumption prevalent behind a lot of this (my bank keeps trying to persuade me to use “their app”) that we’re happy carrying around the keys to our lives on something that is a) easily lost, b) easily stolen, c) liable to run out of power at inopportune moments, or d) can break/be broken.
b) is the worst case of course - because then the thief not only has your 2FA keys, but they also have access to your backup routes (e.g. SMS and email) as well. And for as long as it takes you to realise that it’s gone and be able to access the various services and change the access to them - which might not be easy if you are away from home and without access to your desktop or laptop.