I dont care for 2fa. Not interested in having my phone connected to my computer, and i dont like having an extra step when logging into stuff – especially an extra step that needs me to use a second device. Id honestly rather risk getting hacked over ever having to use 2fa again.
Use a Yubikey. It’s a small USB Device you can put on a keychain. It is still a second device, but it’s not your phone. And you always have your keys with you, anyway.
I have no reason to believe that the google authenticator app on my google phone doesn’t register and record that it’s being used to log into XYZ website, and further that XYZ website is not then sending back unique identifying info to Google about me when ive used the code to log in.
I’ve lived with tech long enough to know that if they say “we absolutely don’t,” it really means they probably do.
Like when they swore up and down and gaslit us that our phones aren’t listening to us to generate ads.
How many lies can I believe before I begin assuming everything is just another lie from a liar?
Guess im paranoid.
But that whole thing ignores that it’s an annoying second step with another device. Like “you want to log in? Thread a needle with the string in your pocket first…”
I dont care for 2fa. Not interested in having my phone connected to my computer, and i dont like having an extra step when logging into stuff – especially an extra step that needs me to use a second device. Id honestly rather risk getting hacked over ever having to use 2fa again.
Use a Yubikey. It’s a small USB Device you can put on a keychain. It is still a second device, but it’s not your phone. And you always have your keys with you, anyway.
Yubikey is closed source and likely steals your data
This makes me mad but I have absolutely no justification. Like, it’s your life. But I am incensed. Godspeed.
Thank you for the grace.
He says having never dealt with having his identity stolen.
Correct. It solved a problem that didnt exist for me.
Why do you think you need to connect your phone to your computer?
You do know you can just generate codes and neither device will know of the others existence, right?
I have no reason to believe that the google authenticator app on my google phone doesn’t register and record that it’s being used to log into XYZ website, and further that XYZ website is not then sending back unique identifying info to Google about me when ive used the code to log in.
I’ve lived with tech long enough to know that if they say “we absolutely don’t,” it really means they probably do.
Like when they swore up and down and gaslit us that our phones aren’t listening to us to generate ads.
How many lies can I believe before I begin assuming everything is just another lie from a liar?
Guess im paranoid.
But that whole thing ignores that it’s an annoying second step with another device. Like “you want to log in? Thread a needle with the string in your pocket first…”
But then just don’t use google authenticator and instead one of the FOSS alternatives? Aegis comes to mind.
Like the original reply to your situation said, you do you - but this seems a weird threat model to me, extra-step point notwithstanding.