I’ve been going through updating all of my accounts (passwords, 2FA, etc.), and I’ve noticed that there are a lot of sites that don’t offer any form of MFA.

I can understand smaller services that might not have the bandwidth, but surely larger organisations are able to get this setup?

  • halcyoncmdr@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    6 months ago

    Possibly, but the real world is likely nowhere near that. I’d be willing to bet most people in general don’t leave their phone lying around their house randomly while they’re home and actively doing things where they might need to login to accounts. More likely their phone is in a pocket, or on the desk in arms reach, not the other side of the house while they’re on the computer.

    And of course all of this assumes a phone only app or a text message while ignoring the systems that let you access your messages from other devices. Like the iOS/Mac support through an Apple ID, Android Messages supports via the web, and Phone Link on Windows will let you do as well over WiFi at home. All of those will let you access your phone messages without needing the phone directly in front of you.

    • Thavron
      link
      fedilink
      arrow-up
      2
      ·
      6 months ago

      I think you’re vastly overestimating the digital literacy of the population as a whole.

      • halcyoncmdr@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        6 months ago

        Oh I realize how illiterate most people are with tech. But fully integrated systems like Apple’s Keychain and integration with Mac products make that a much smaller issue than it would otherwise be on the surface for many of those users. At least, until they don’t remember their Apple ID.