A nice little article for our members which are new in the privacy and security world. topics that are discussed are password hashing, 2FA and all that good stuff.
Good article for the public it’s aiming at, with some caveats :
- Using a password manager should come first, and 2FA second.
- Advice to use 2FA is irresponsible unless it comes with advice to backup the codes.
- 2FA should not be presented as an airtight solution, because it’s not. There’s not even a warning that the lesser method of 2FA, through SMS, is now considered obsolete and downright dangerous. In fact, bad 2FA might be worse than good password hygiene without 2FA.
Yeah, I think it is a bit concerning that 2fa, whether that be biometric or otherwise, has started to become a panacea, and that many of these methods are even being talked about as a “replacement” for passwords, rather than what it should be used for, obviously being a 2nd factor of identification.
I agree that 2fa does absolutly not replace passwords. But knowing how bad the average person is at using password, 2fa can really help out, even if its just sms 2fa
Yeah, completely agreed. I even understand why some people may even think it could be a replacement for passwords given the average users poor use of them.