technology

23218 readers

2 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.

founded 5 years ago

MODERATORS

Jadzia_Dax@hexbear.net

blashork@hexbear.net

context@hexbear.net

EmmaGoldman@hexbear.net

SexUnderSocialism@hexbear.net

gaycomputeruser@hexbear.net

ZoomeristLeninist@hexbear.net

My personal conspiracy theory: the reason so many sites and services push for mandatory 2FA nowadays is to have an excuse to harvest phone numbers. (hexbear.net)

submitted 1 year ago by BeamBrain@hexbear.net to c/technology@hexbear.net

9 comments fedilink hide all child comments

all 10 comments

sorted by: hot top controversial new old

[–] PorkrollPosadist@hexbear.net 37 points 1 year ago* (last edited 1 year ago) (1 children)

Any 2FA that sends you an authentication code though SMS is masturbation. That "secret" code is getting broadcasted over the air in cleartext. Time-based OTP is the only reasonable solution.

[–] ColeSloth@discuss.tchncs.de 6 points 1 year ago

If you're willing enough to intercept my text messenger data and hack my system to know my login credentials and password before doing it, I'll just let you into my mcdonalds rewards account myself.

[–] Yurt_Owl@hexbear.net 33 points 1 year ago

I hate the ones that push their shitty 2fa app for only their one service

[–] FuckyWucky@hexbear.net 25 points 1 year ago (1 children)

yes that and the fact that phone numbers are more difficult to create and keep compared to emails. you can have a hundred gmail accounts but you can't have 100 SIM cards (yes there are VOIP numbers but those cost money too).

[–] snooggums@midwest.social 17 points 1 year ago

And companies frequently prohibit VOIP numbers from being used for 2fa.

[–] BeanBoy@hexbear.net 12 points 1 year ago

Surely they have our best interests in mind

[–] ChaosMaterialist@hexbear.net 10 points 1 year ago

No conspiracy necessary. Facebook went and did it.

[–] Tabitha@hexbear.net 7 points 1 year ago

SMS is the least secure form of MFA that I'm aware of, so objectively, yes.

[–] oscardejarjayes@hexbear.net 3 points 1 year ago

TOTP?