No Such Thing as Perfect Security | http://www.littlebobbycomic.com/projects/week-207/ …pic.twitter.com/TIb7l0CU7V
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
I often hear the argument "we shouldn't call bad solutions bad, or people might not use the bad solution", but I strongly disagree and reject that argument. We have a good solution, and we're burning our limited goodwill on snakeoil. 2/2
One of the main reasons this is still an argument over what advice to give people is the lack of companies supporting solutions like U2F, even most major banks only support weak/limited passwords + SMS 2FA. So people recommend it as a reduction of risk, however small that may be.
This is all true of phishing is the attack 2FA is supposed to protect against. But what about simple large-scale credential stuffing? 2FA negates that entire attack technique, and that seems like a sizable win...
I think it's debatable whether the set of password reusers who can't be phished even exists, but if we assume it does exist for the purpose of discussion, 2FA is a terrible solution to it. We have better solutions already that really work!
which forms of 2FA are you talking about here? SMS messages?
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.