Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
AlgoRythm50777277d2FA is so annoying sometimes. I dropped my phone and it completely broke. There were some services which had a way to deal with this situation. Others which didn't.
-
vintprox5648277dThis renderred TOTP unusable to me, unless automatic backups are made and sent to some other device via SyncThing. The downside is that, even if you encrypt the vaults, the fact itself is easily discoverable and it would only take one master password to crack it open with that second device.
Again, it's up to your threat modelling, but me inadvertently disabling backups may be the end of me someday, haha! -
BlueNutterfly15068277d@retoor Did not know they would not have the disabling as an option when needed, seeing how everyone in my experience except them seems to have it as a feature.
-
devRancid612277dIf you lose the backup keys or only store them on 1 device it's your own damn fault and not "service XYZ being stupid"
What's the point of 2FA if it can just be bypassed/disabled for convenience?
Especially discord is heavily targeted by account takeover scammers, e.g. scanning a qr code browser-in-the-browser phishing or dragging a bookmark scriptlet -
BlueNutterfly15068277d@devRancid Look, I don't apprecoate the tone here. I do confess, though, that I was not thinking ahead and something truly unforeseen happened...
-
Demolishun33561265dDiscord tryin' so hard to get my phone number. It feels like they planning to dox me later. I had channels try and require phone numbers so I left those channels.
Google decided to turn of 2FA without me asking. They got my phone number from somewhere and started asking me to use that device. I went in an turned that shit off. No, I didn't turn it on.
This whole gotta get people's phone number is sociopathic at this point. Why they so keen on getting phone numbers? The security excuse seems flimsy to me.
I'm gonna rant about how Discord does not let you disable 2FA after having it enabled if you forget the code they provide for cases where you don't have access to the 2FA in the first place and I lost a damn account to that :/
rant
discord being stupid