Uhg please no. People's needs and threat models are different. This is same kinda crap as insurance companies offering "discounts" for wearing a fitness tracker.
-
-
So you don't want a second factor for your credit card login? I don't see why encouraging people to increase their account security is a bad thing.
1 reply 0 retweets 0 likes -
I don't want to be unable to login when my phone breaks or can't get signal.
1 reply 0 retweets 0 likes -
Good point! But that's why there are usually recovery codes you can print out / store somewhere safe.
1 reply 0 retweets 0 likes -
Lots of inconvenience and risk of loss for zero benefit.
2 replies 0 retweets 0 likes -
Replying to @RichFelker @deppaws and
It’s actually likely to be a significant cost savings for the company. Fraud claims can be time consuming to investigate, may turn into lawsuits, and may not result in recovery of funds. 2FA is likely to significantly reduce, but not eliminate, amount of fraud.
1 reply 0 retweets 0 likes -
Replying to @ValidHorizon @deppaws and
Absolutely. It's a cost savings to the company at the expense of the customer.
1 reply 0 retweets 0 likes -
Replying to @RichFelker @ValidHorizon and
This is absurd. Zero benefit? Seriously? Have you ever had to help a non-tech savvy user recover from an account compromise, especially one involving a bank account in which money gets stolen? Plenty of time wasted recovering from it and unnecessary stress added.
3 replies 0 retweets 2 likes -
Replying to @jp4gs @RichFelker and
People's needs and threat models are certainly different, except when they're not. Many people's threat models share identical qualities. 2FA is a universally-applicable security control that everyone benefits from *when it's implementated well of course*
1 reply 0 retweets 0 likes -
Replying to @jp4gs @RichFelker and
Where does this like of thinking come from anyway? I keep seeing these sentiments about "everyone's threat model is different, man!" as if it's some kind of protest against mainstream InfoSec knowledge for the sake of protesting and nothing else
1 reply 0 retweets 0 likes
It's a protest against imposing requirements that are all about reducing risk *for the business users are authenticating to* and framing it as "good for the users" when it's good for some users, bad for others.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.