The things I use it for did not allow me the choice to use a third party authenticator. And, because I don’t have extensive compsci knowledge, I wouldn’t know how to set it up for everything in a way that works every time.
Are you suggesting I and every other average American are simply too lazy to build our own platforms? How dare we complain about the things shoved on us by big tech, when open source formats are out there?
My issue with 2FA is that there are now multiple points of contact—a computer, and some mobile device usually. Hell, Apple made me log into every single one of my devices recently just to log into a shared AppleID. The more devices I have to use to log into something, the bigger issue I have with it.
Yes, the platforms themselves are collecting data all the time. Yes, the platforms are problematic. Yes, there are other apps you can use for 2FA that don’t have the same collection and back door problems. No, they don’t work with everything and for everybody.
We should revisit this discussion if, after S2992 is passed, Google Authenticator ceases to be free like Google Maps.
The things I used it for did not allow me the choice to use a third party authenticator.
Which authenticator did they "require" you to use? Because I'll tell you that almost everywhere uses the exact same standard, so you can use any authenticator app you want, even if they say you have to use Google Authenticator or whatever. Every website I've come across uses the same standard.
The company I work for does use one that's proprietary, for whatever reason. But that's all on my work phone.
Are you suggesting I and every other average American are simply too lazy to build our own platforms?
No, I'm saying that you can use your own platform with relative ease, making 2FA apps a very silly attack vector for Big Tech to use when they have all sorts of far more effective attack vectors at their disposal (the entire operating system on your phone, for example).
The things shoved on us by big tech
Big tech isn't shoving you to use their authenticator app. It is just as easy to download literally anybody else's.
Open source formats are out there.
Not open source formats. The exact same thing. The 2FA used by all these websites is open source. It's a standard.
Apple made me log into all my devices
This type of 2FA is already built into your phone's operating system. Ergo, even if you don't use it, Apple already has any access they would get by you using this. They're not giving information to the websites and, if they were, they could literally just do that whether you opt in to this style of 2FA or not.
I don't have extensive compsci knowledge.
I can tell. I do. I don't expect you to trust me, but hopefully I can send you on the right path: 2FA as currently implemented is not likely malicious like you think it is.
If Google Authenticator ceases to be free once Google can no longer profit from your data
Listen, Google Authenticator is the same thing as all of the open source alternatives that you can download just as easily from Google Play. The only differences are how it looks and how you interact with it. The standard behind it is the exact same. Out of all the apps Google has, Google Authenticator is easily the least offensive.
Just use something other than Google Authenticator. It's literally no more difficult and does the exact same thing.
I never said I don’t use 2FA at all.
The things I use it for did not allow me the choice to use a third party authenticator. And, because I don’t have extensive compsci knowledge, I wouldn’t know how to set it up for everything in a way that works every time.
Are you suggesting I and every other average American are simply too lazy to build our own platforms? How dare we complain about the things shoved on us by big tech, when open source formats are out there?
My issue with 2FA is that there are now multiple points of contact—a computer, and some mobile device usually. Hell, Apple made me log into every single one of my devices recently just to log into a shared AppleID. The more devices I have to use to log into something, the bigger issue I have with it.
Yes, the platforms themselves are collecting data all the time. Yes, the platforms are problematic. Yes, there are other apps you can use for 2FA that don’t have the same collection and back door problems. No, they don’t work with everything and for everybody.
We should revisit this discussion if, after S2992 is passed, Google Authenticator ceases to be free like Google Maps.
Which authenticator did they "require" you to use? Because I'll tell you that almost everywhere uses the exact same standard, so you can use any authenticator app you want, even if they say you have to use Google Authenticator or whatever. Every website I've come across uses the same standard.
The company I work for does use one that's proprietary, for whatever reason. But that's all on my work phone.
No, I'm saying that you can use your own platform with relative ease, making 2FA apps a very silly attack vector for Big Tech to use when they have all sorts of far more effective attack vectors at their disposal (the entire operating system on your phone, for example).
Big tech isn't shoving you to use their authenticator app. It is just as easy to download literally anybody else's.
Not open source formats. The exact same thing. The 2FA used by all these websites is open source. It's a standard.
This type of 2FA is already built into your phone's operating system. Ergo, even if you don't use it, Apple already has any access they would get by you using this. They're not giving information to the websites and, if they were, they could literally just do that whether you opt in to this style of 2FA or not.
I can tell. I do. I don't expect you to trust me, but hopefully I can send you on the right path: 2FA as currently implemented is not likely malicious like you think it is.
Listen, Google Authenticator is the same thing as all of the open source alternatives that you can download just as easily from Google Play. The only differences are how it looks and how you interact with it. The standard behind it is the exact same. Out of all the apps Google has, Google Authenticator is easily the least offensive.
Just use something other than Google Authenticator. It's literally no more difficult and does the exact same thing.