this post was submitted on 27 Oct 2023
1302 points (98.0% liked)

Memes

45660 readers
1095 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 1 points 1 year ago (1 children)

How does this all compare to using 2fa everywhere?

[โ€“] [email protected] 1 points 1 year ago

2FA is in the name, 2 factor authentication. A "factor" can be considered as proof that you are who you are. The more the factors provided, the more concrete proof the system has that the user is legitimate.

What a factor is is a more complicated. It can be broadly put in 3 categories (there's more but we'll ignore for now) :

  • something you know, like a PIN/password
  • something you are, like biometrics/eye scanning
  • something you have, like an ATM card or phone

The 2FA you are thinking of is probably the 1st (a password you know) + a PIN sent to or generated by something you have (a phone). If the 2nd pin was some you had created by memory like a password rather than a remote system generated one then it would be considered same as the first factor, it wouldn't be multi factor.

So yeah it's important that you keep both factors as secure as possible. A good password + a phone to generate TOTPs. I mean theoretically you can keep a password of ABC and keep 2FA on so hackers wouldn't be able to get into your system but let's follow best practices yeah? Use a password generator to make complex passwords for a login and enable 2FA.