this post was submitted on 25 Oct 2024
-5 points (45.8% liked)

Games

16726 readers
629 users here now

Video game news oriented community. No NanoUFO is not a bot :)

Posts.

  1. News oriented content (general reviews, previews or retrospectives allowed).
  2. Broad discussion posts (preferably not only about a specific game).
  3. No humor/memes etc..
  4. No affiliate links
  5. No advertising.
  6. No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
  7. No self promotion.
  8. No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
  9. No politics.

Comments.

  1. No personal attacks.
  2. Obey instance rules.
  3. No low effort comments(one or two words, emoji etc..)
  4. Please use spoiler tags for spoilers.

My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.

Other communities:

Beehaw.org gaming

Lemmy.ml gaming

lemmy.ca pcgaming

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 23 points 2 weeks ago* (last edited 2 weeks ago)

The hassle and delay is part of how it works. If there was a seamless catch all then it wouldn’t be feasible to make it secure.

Having a second physical factor, as much as it can be a hassle, is much better than any single factor.

Your password can be breached, brute forced, bypassed if there’s an issue somewhere.

Your biometrics can’t be changed so anything that breaks them (such as the breach of finger prints in databases, etc) makes them moot.

A single physical token can be stolen and/or potentially cloned by some attack in physical proximity (or breach of an upstream certificate authority)

But doing multiple of those at the same time. That’s inordinately much harder to do.

I will say the point/gist of the article is a good one. The variety of types some used here and others used there does make it a hassle to try to wrangle all the various accounts/logins. Especially in their corporate and managed deployment which isn’t saving passwords and has a explicit expiration of credential cache (all good things)