3
lorentz
2y

I have 2FA enabled on NPM so it would shut up about it, the recovery codes are in my password manager, right next to my secure randomly generated password.

Password authentication is fucking stupid.

Comments
  • 0
    It's somewhat annoying but necessary.
  • 0
    @PonySlaystation I guess it makes the path from the password manager to the server safer, so that I can safely send these passwords in chat to a friend who may need temporary access to the account in question.
  • 1
    @lorentz If it's absolutely necessary, but some auth providers allow long session life times or only occasionally check MFA, thus it would still be the best to change the PW after usage of a third party.
    But the main plus of MFA is that you don't share accounts (neither with a hacker, nor a third party).
Add Comment