5
Elendil
6y

!rant

Many out there say you should use 2 factor authentication with everything, but personally i feel lile that would just turn your phone into a sigle point of failure.
Phisical security is my primary worry, because loosing your phone or having it stolen yould pretty much lock you out of all your accounts.
Another thing is i don't know as much about android security, and i wouldn't be confortable managing it.

I have 2FA active for some key services, but imho a strong password is usually enough. I think its far more more importat for your overall security to avoid passwords re-use.

What do you think? Do you have 2FA on all the time?

Comments
  • 3
    Most services that provide 2fa, like Google authentication, also have single use static codes that you can use if you loose your phone, run out of batteries or otherwise loose access to it. They also have support teams that can reset your account's security settings if you call/email them.

    It's not a single point of failure because, even if your phone is compromised, people need your actual password to still access your data. It's in the concept that 2fa finds its strength.
  • 1
    (strongPassword && 2fa) > (!strongPassword || !2fa)
  • 3
    I have a yubikey so my phone is usually not the point if failure. But no a lot of devices support yubikey (most of the only support sth like Google authenticator).

    Personally I like 2FA but sevices need to implement them dammit
  • 1
    I have it on about all the time wherever I can. One of my primary concerns is solely the fact that not every service should know my phone number in my opinion.

    Anyways, the thing with 2FA is that if someone gets hold of your password, they're still fucked anyways :)
  • 1
    @ThoughtfulDev woohoo! Yubikey! At least google, Facebook and gitlab support it.
  • 0
    Thanks for the feedback guys :)

    @linuxxx this is ot, but what vpn service would you reccomend for security and privacy? Preferably something with p2p support :)
    I am currently using TunnleBear but they are based in north america (can't remember if in the us or canada) and i don't like how things are looking over there from a legal standpoint.
    Also what's your opinion on using browser extensions as opposed to desktop vpn clients? Are they a liability?
  • 0
    @Elendil Using it system wide is always better. Next to that, NordVPN at least :)
  • 0
    @linuxxx Thanks ;) i thought that aswell, but browser extensions are quite convenient XD
    what's the speed like woth NordVPN? I would mostly use it to stream video and sometimes gaming, so i'd like it to be stable.
    I'm not overly concerned with my personal security tbh, but its a nice to have seeing where the world is headed ;)
  • 0
    @Elendil Well the definition of personal security is mostly @No-One hacking into your systems and not becoming a victim of identity theft so if you don't care about that I'd get pretty worried O.o :P.

    It's pretty decent in my opinion. But haven't used it for a while now so can't be sure :)
Add Comment