I'm Getting SO Tired and Frustrated With the World of 2FA!

in Rant, Complain, Talk3 months ago

Pardon me, while a vent for a moment...

To be blunt, I am sick and tired of the world of "Two-Factor Authentication" (2FA) that increasingly seems to be a requirement of almost every web app and service we use, these days.


A Greater Issue...?

Truthfully, though, I suppose what I am really sick and tired of, is a world that makes it necessary... even essential, to add all these layers of obfuscation.

WTF, over?

Maybe my perspective is a bit narrow here, but I swear it feels like "swindling your way to something" is becoming more common than actually working your way to something.

And if you're actually one of the evidently dumbf*cks who's actually trying to work to get ahead, you'd better be armed and protected to the gills because some hacker-swindler-twat is waiting in the shadows to appropriate what you've worked for.

May the fleas of a thousand camels infest your underwear!

Actually, better yet, may a giant EMP roast all your technology to the point where your only option in life is to spend all eternity flipping burgers at McDonalds!


No, I'm not a "nice person."

I suppose the actual problem is that (evidently) there's no standardized encryption technology that's good/strong enough keep life any simpler and more secure for the vast majority of users.

We are just expected to be "content" with the fact that navigating life gets ever more complicated — and hence more time consuming — every day... and that's supposed to make us feel "happy and secure."

But part of this picture has never really made much sense to me.

Seems like like the entire issue is really more about "idiot proofing" online security than it is about "strengthening" it.

After all, even the most powerful CPUs/GPUs would take billions of years to brute force hack their way through something like our Hive keys.


There's Always a Better Idiot!

But it's also an old truism that the more you idiot proof something, the more powerful the idiots become.

So even if the intent behind 2FA is a reasonable enough notion that "we do all the thinking FOR you," it seems likely that people will follow the natural trajectory of applying less and less common sense to their own actions... and assuming that no matter how careless (and gullible!) their actions might be, "someone" is protecting them from themselves.

Really? I mean, REALLY?

Meanwhile, my frustration with 2FA just escalated with eBay... not because they asked, but because they insist on their methodology being to send me an old-fashioned SMS text with a code. So now I have to get up and go find my phone, and hopefully make it back to my desk before that code expires.


"What? You don't have your phone ON you, at all times?"

Hells, no, I don't! Nobody needs to be able to invade my personal space, 24/7. It's usually plugged in somewhere, so it's charged when I need to go to town, or photograph something.

But that's a sidetrack.

My beef here is that of all the venues I deal with that insist on using 2FA, there are probably a dozen different that's being implemented: text, email, special links, authenticator apps... so I'm not just keep track of passwords, but also the methods to authenticate them.

How the frak is that simpler and better?"

Allright... time for me to "get over myself," and get back to work.

Thanks for stopping by, and have a great remainder of your weekend!

Comments, feedback and other interaction is invited and welcomed! Because — after all — SOCIAL content is about interacting, right? Leave a comment — share your experiences — be part of the conversation! I do my best to answer comments, even if it sometimes takes a few days!


Greetings bloggers and social content creators! This article was created via PeakD, a blogging application that's part of the Hive Social Content Experience. If you're a blogger, writer, poet, artist, vlogger, musician or other creative content wizard, come join us! Hive is a little "different" because it's not run by a "company;" it operates via the consensus of its users and your content can't be banned, censored, taken down or demonetized. And that COUNTS for something, in these uncertain times! So if you're ready for the next generation of social content where YOU retain ownership and control, come by and learn about Hive and make an account!

(As usual, all text and images by the author, unless otherwise credited. This is original content, created expressly and uniquely for this platform — NOT cross posted anywhere else!)
Created at 2023-03-04 14:06 PST



Yeah dude I hear you this is getting out of hand. They also want to try and implement stupid shit like biometrics as well but then don’t really harden their systems and security to protect that information. It’s a dangerous and slippery slope and I don’t like it! It is definitely people getting lazy and outsourcing things to others. Password managers are exactly that as well.

May the fleas of a thousand camels infest your underwear!

Do you listen to the lyricist rapper Atmosphere? He has this statement in one of his songs and it’s hilarious! I don’t know if that’s something more common as an insult in the Middle East or Africa or something but I found it hilarious.

I have no idea where it's all going to end. The more elaborate the security gets, the more elaborate the hacking tools will get.

As for that saying, I learned it from a Lebanese college buddy who grew up in Cairo, Egypt. So I guess it's probably Middle Eastern.

I am relieved to hear that I'm not the only one who doesn't keep their phone ever present. It's a constant distraction of notification chirps throughout the day and night.

I check it twice a day with the benefit that a battery charge lasts a week... or less if I have to 2FA into a bunch of sites :)

I have just never been of the opinion that people need to be able to get to me every waking moment of my existence!

I mostly keep my phone close by, but most of the time it's muted so I don't have to listen to the notifications... and of course I miss most calls, too. But it's OK... 90% of them are scams and spams.

News from the Netherlands this week:

  1. People couldn't log in to healthcare, insurance and government services for 2 days because the national authentication system DigiD was overwhelmed by citizens eager to submit their tax returns ASAP.
  2. A journalist called Chris Klomp who had 70k followers lost access to his Twitter account when it was hacked after he had to change the 2FA method from SMS to something else. This was a disaster for him, since readers paid him directly for court reports and he relied on traffic from Twitter.

Seems like it doesn't really matter what we do, something is always going to go in an unexpected direction!

Yep. That's why I won't turn on 2FA unless they let me use Authenticator app, which I use 1password to handle for me, and it has plugins for every browser so I just hit a hotkey and it fills in the 2FA for me. If a site wants to use their own app or SMS, I just don't turn it on. Too annoying. I'm not convinced sending a code via SMS is very secure anyway.

That sounds like a good way to handle it... the sad thing about 2FA is that it doesn't actually make me feel like my stuff is any safer.

The only kind I actually don't mind" is one of my Visa cards sends me a code to my phone every time I use the card online, and I have to input the code before the actual charge happens.


A lot of 2fa requirements seem to be because people choose poor internet security, but instead of teaching people how to properly create and use strong passwords and not get caught by phishing schemes, they add complication for the rest of us.

Heh...! Reminds me a bit of how my wife occasionally turns to me and says "I see stupid people."