You say "trivial". Many orgs say "achievable". And 2FA isn't homeopathy, it's Aspirin. Legitimate but weak. Even the placebo of a second factor is hopefully enough to make an attacker move on.
Perhaps homeopathy can be practiced safely if you accurately convey the risks and tradeoffs. The placebo effect is real, it might help a handful of people. Homeopathy is still trash though.
-
-
“Hey boss
@taviso said on Twitter that 2FA is the essential oils of security so we are just going to turn off 2FA until we can deploy yubikeys to everyone k?” I mean come on man. -
"Hey boss
@taviso said on Twitter that Homeopathy is the 2FA of medicine, so we are just going to save our money until we can deploy Antibiotics to everyone k?" ....Umm, yes, that sounds like a fantastic idea. - 22 more replies
New conversation -
-
-
90% of Gmail users aren’t even practicing your homeopathy. Google Apps is THE platform for startups and SMBs. Let’s be practical. Don’t let perfect be the enemy of better. https://www.theregister.co.uk/2018/01/17/no_one_uses_two_factor_authentication/ …
-
Sorry, not trying to pick on Google here. I have just seen that particular issue a LOT in my work with startups, SMBs, and EDUs.
- 14 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

