undefined | Better HN

0 pointsnewjersey4y ago0 comments

On gnome on fedora at least, I can have my gpg automatically unlock when I login to the desktop.

I already have two steps on GitHub with the authy app but I don't get it. Why is it not good enough to send an email with a code when signing in without a cookie for people who don't want to opt in to two steps?

The way I see it my authy is a vulnerability because if someone were to guess my authy phone number, they could technically grab all of my TOTP.

I don't get this spoon feeding. I mean I would sign up to two steps where I can but something doesn't feel right about the lack of choice.

0 comments

1 comments · 1 top-level

waynesonfire4y ago

i hate checking email or looking at my phone for two step auth. either choice requires me to access another system. It requires far fewer steps to just tap the button on the side of the yubikey.

j / k navigate · click thread line to collapse