stinerman@midwest.social 2 days ago
It is coding for the lowest common denominator of user – those who use the same easily-guessable password for everything. Making them click a link to log in is honestly better security.
Of course there should be an option for those of us who have a TOTP app and use a password manager.
neidu3@sh.itjust.works 2 days ago
Can’t brain today, I have the dumb. What’s TOTP, other than that BBC show?
dbx12@programming.dev 2 days ago
Time-based one-time passwords. Those (usually) six-digit codes which get replaced every 30 seconds or so. During setup you copied the secret to your device (usually smartphone) and now your device and the server you authenticate at can calculate the same secret code every thirty seconds.
AA5B@lemmy.world 2 days ago
Which reminds me: I just got a new phone and totally forgot about Authenticator apps.
I was able to recover one, but the other is lost and I still need to get those accounts reset.
dbx12@programming.dev 1 day ago
Adding a shameless plug here: Aegis is available on F-Droid and allows you to back up your 2FA secrets on your own server (e.g. own Nextcloud) in case you don’t trust the default Google Authenticator.