this post was submitted on 25 Oct 2024
-4 points (46.6% liked)

Games

16800 readers
586 users here now

Video game news oriented community. No NanoUFO is not a bot :)

Posts.

  1. News oriented content (general reviews, previews or retrospectives allowed).
  2. Broad discussion posts (preferably not only about a specific game).
  3. No humor/memes etc..
  4. No affiliate links
  5. No advertising.
  6. No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
  7. No self promotion.
  8. No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
  9. No politics.

Comments.

  1. No personal attacks.
  2. Obey instance rules.
  3. No low effort comments(one or two words, emoji etc..)
  4. Please use spoiler tags for spoilers.

My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.

Other communities:

Beehaw.org gaming

Lemmy.ml gaming

lemmy.ca pcgaming

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 9 points 4 weeks ago (1 children)

I don't think that the problem is 2FA itself so much as poor UX on existing systems.

Let's say that I have a little USB keychain dongle in my pocket with an "approve" button and a tiny screen. When I sign in, at the time that I plug my password in, I plug the dongle in. It shows the information for whom I am approving authentication. I push the "approve" button.

It's got a trusted display (unlike a smartcard, so that a point-of-sale system can't claim that I'm approving something other than what I am).

It can store multiple keys, and I basically use it for any credentials that I don't mind carrying with myself.

I then keep another, "higher security" dongle at home with more-sensitive keys.

Does that add some overhead relative to just entering my password? Yeah. But is it a big deal? No. And it makes it a lot harder for someone to swipe credentials.

I agree that using phone-linked SMS 2FA authentication is problematic (for a number of reasons, not just because it locks you to a phone, but because there are also privacy implications there).

[โ€“] [email protected] 3 points 4 weeks ago

I then keep another, "higher security" dongle at home with more-sensitive keys.

Noted :)