Really 2FA is just a complex way to give users a strong unique password. Everyth... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

bawolff on Dec 13, 2022 | parent | context | favorite | on: Ask HN: If I get locked out of everything, please ...

Really 2FA is just a complex way to give users a strong unique password. Everything else about it is security theatre (e.g. why do you care about your password and secret stored in the same place, when your session cookie is just stored in one place and all the attacker needs)

Wowfunhappy on Dec 13, 2022 [–]

Well, and that's why I'm not eager to enable 2FA just to store the secrets in the same place I already store my passwords (Bitwarden).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact