SMS one time passwords are something that should have died years ago. They're terrible for security and never come through

@rubenwardy Yes. 2FA using a phone application is a better solution if the service in question supports it. Of course, hardware 2FA is more convenient.

@neildarlow I really like the TOTP protocol (ie: scan a QR code, get periodic verification tokens), it's clean and provider-independent - just how things should be

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.