undefined | Better HN

0 pointstwawaaay3y ago0 comments

You missed the second part.

0 comments

3 comments · 1 top-level

carbocation3y ago· 2 in thread

I see, so you're saying that it's good that Google does the first part, but needs to add the second part. Awareness that Google does the first part wasn't clear from the comment.

twawaaayOP3y ago

Any security mechanism is pretty much worthless if it can be trivially circumvented.

So yes, the second part is pretty important

Actually both parts are important, either is worth little without the other. Having well implemented hardware key is useless if you can't configure more than one -- too much risk having a single piece of hardware that if it fails or you loose it will lock you irrevocably from the account.

joshuamorton3y ago

It's also possible to do this via advanced protection, it just makes account recovery ~impossible, so you have to explicitly opt in.

j / k navigate · click thread line to collapse