New
#40
My favourite method for 2FA is my Yubikey I just wish more places would offer it as an option.
Well......that is certainly interesting....definitely no harm in posting that whatsoever. /s
I can't even begin with how messed up this statement is.
Just checked them out, looks like they do work already with a lot of things I use. Will probably look into this, thanks
Last edited by Andrew129260; 10 Mar 2020 at 06:45.
They are the ultimate, but for now they have limited usefulness for most accounts. I say that because for many accounts, you cannot explicitly require a security key as the only 2nd factor or you can do an account recovery that essentially bypasses it. Many accounts that will let you use them will fall back to another option if the key is not available, and there is no opting out of that.
Microsoft is this way, for example. If I enable a security key on an MS account and I lose my key, I can still get in another way. It's this 'account recovery' that is the weak link for pretty much everyone.
Google's Advanced Threat Protection is the only email offhand I can think of where they require the key, no exceptions. It's pretty easy to use -- I tried it once. It doesn't really noticeably change the end-user experience.