New
#31
Exactly the point i was making. Yes 2FA is an added benefit of security its a good security layer but its not perfect and can still be bypassed. Its like locking the front door but i can still smash your windows.
if they can get into the database then 2FA is not effective hence yes rainbow tables are in play. take down the infrastructure for 2FA or bypass it completely and then go from there. They don't even need the passwords really if they are that far in. BUt we see sold or leaked passwords is a common thing so there is money incentive to these things from that end.
its a small percentage of people with this skill set. But for the most part 2FA works. What i am alluding to its more to it than most people think. I think the grounds have been here for a good while now like over 10 years and in some cases 20.
This is a long winded rant for a while now as initially it was just meant as GitHub forcing 2FA rant.
This far in though it still stands 2FA works as intended but is it really necessary? a century or more of time to crack an effective password so really as a baseline 2FA is authentication to a user. again its a double sided coin if you do the math. We are seeing those signs that we need to prove who we are and what we are doing in some contexts.
for the average user this is not even on the radar.
Can we explain why i need to authenticate to play minecraft? like to even log in? Because to me that does not even make sense. Why does Minecraft need to crypto my chat logs? on my own private server where me as the Admin should be able to police that myself. I don't need Microsoft to mediate for me.
Last edited by Malneb; 12 Feb 2024 at 01:13.