home.social

#twofactor — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #twofactor, aggregated by home.social.

  1. ZDNet: Microsoft won’t send you SMS texts for login anymore – why it’s pushing passkeys instead.”On a new support page, Microsoft announced that it will start phasing out SMS as an authentication and account recovery method for personal Microsoft accounts. Instead, the company is pushing passkeys, which offer much stronger security.”

    https://rbfirehose.com/2026/05/23/zdnet-microsoft-wont-send-you-sms-texts-for-login-anymore-why-its-pushing-passkeys-instead/
  2. ZDNet: Microsoft won’t send you SMS texts for login anymore – why it’s pushing passkeys instead.”On a new support page, Microsoft announced that it will start phasing out SMS as an authentication and account recovery method for personal Microsoft accounts. Instead, the company is pushing passkeys, which offer much stronger security.”

    https://rbfirehose.com/2026/05/23/zdnet-microsoft-wont-send-you-sms-texts-for-login-anymore-why-its-pushing-passkeys-instead/
  3. ZDNet: Microsoft won’t send you SMS texts for login anymore – why it’s pushing passkeys instead.”On a new support page, Microsoft announced that it will start phasing out SMS as an authentication and account recovery method for personal Microsoft accounts. Instead, the company is pushing passkeys, which offer much stronger security.”

    https://rbfirehose.com/2026/05/23/zdnet-microsoft-wont-send-you-sms-texts-for-login-anymore-why-its-pushing-passkeys-instead/
  4. ZDNet: Microsoft won’t send you SMS texts for login anymore – why it’s pushing passkeys instead.”On a new support page, Microsoft announced that it will start phasing out SMS as an authentication and account recovery method for personal Microsoft accounts. Instead, the company is pushing passkeys, which offer much stronger security.”

    https://rbfirehose.com/2026/05/23/zdnet-microsoft-wont-send-you-sms-texts-for-login-anymore-why-its-pushing-passkeys-instead/
  5. ZDNet: Microsoft won’t send you SMS texts for login anymore – why it’s pushing passkeys instead.”On a new support page, Microsoft announced that it will start phasing out SMS as an authentication and account recovery method for personal Microsoft accounts. Instead, the company is pushing passkeys, which offer much stronger security.”

    https://rbfirehose.com/2026/05/23/zdnet-microsoft-wont-send-you-sms-texts-for-login-anymore-why-its-pushing-passkeys-instead/
  6. Amazon. Wants a passkey. Set a passkey.
    Go to sign in
    Wants email - ok
    Wants fingerprint (Macbook Air here) - ok
    and now it wants my 2FA

    I REALLY do not get why passkeys are ‘the thing’.

    #passkey #security #twofactor #2FA

  7. Barn door slamming....#GitHub will start requiring active developers to enable #TwoFactor #authentication #2F on their accounts beginning next week, on March 13. Once expanded to the company's entire user base, the 2FA enrollment requirement will help #secure the accounts of more than 100 million users. bleepingcomputer.com/news/secu

  8. "His mobile phone, which is required for the two-step authentication process to verify his identity cards, is held by police."

    I have ALWAYS thought #twoFactor created personal vulnerabilities, particularly but not exclusively when travelling abroad. I (stupidly) hadn't thought about how it facilitates autocratic policies such as ethnic cleansing. Much like #AISurveillance.

    #giftArticle in previous toot.

    #technologyEthics #cybersecurity #civilliberties

  9. I have ALWAYS thought #twoFactor created personal vulnerabilities, particularly but not exclusively when travelling abroad. I (stupidly) hadn't thought about how it facilitates autocratic policies such as ethnic cleansing. #technologyEthics #cybersecurity #civilliberties bsky.app/profile/j2br...

    RE: https://bsky.app/profile/did:plc:ic4mplmy2blzwvurli4htcim/post/3ltxpce2dczw2

  10. Why does #Sharkey / #Misskey need an "authenticator app" registered before you can use a hardware key? That doesn't make sense #security wise.

    Yeah I know it's to prevent people from just accidentally getting locked out of their accounts, but there should be an option for
    #FediAdmins to allow this risk. 🤔

    #2FA #yubikey #hardwarekey #cybersecurity #twofactor #twofactorauth #twofactorauthentication

  11. I believe it's time to modify Laravel's Authentication flow for a two-step scenario.

    It's very difficult to make 2FA unless you deal with a middleware that checks 2FA on EVERY REQUEST, instead of just at the login flow.

    #PHP #Laravel #Authentication #Security #2FA #TwoFactorAuthentication #TwoFactor #Auth #Programming #SoftwareDevelopment #WebDevelopment #WebDev

  12. MakeUseOf: This free app turns any USB into a PC security key. “Personally, I prefer using a YubiKey security key to secure my login accounts. However, if you don’t want to splurge on a dedicated hardware key, you can turn your humble USB flash drive into a security key using USB Raptor.”

    https://rbfirehose.com/2025/10/19/makeuseof-this-free-app-turns-any-usb-into-a-pc-security-key/

  13. Sandia Lab: Two-factor authentication just got easier. “Researchers at Sandia have announced a more efficient way to generate and send temporary security codes. Unlike conventional methods, the new technique does not depend on the time, which could help secure small and remote network-connected devices, including drones, remote sensors, agricultural equipment and industrial control systems.”

    https://rbfirehose.com/2025/07/29/sandia-lab-two-factor-authentication-just-got-easier/

  14. Maybe it's female of me to realise that you can't always control whether you have any devices (let alone USB keys) on your person, or indeed what your face looks. #twoFactor is OK for sophisticated matters of business, but it can't be mandatory for essentials eg proving nationality, accessing email.

  15. I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

    #Canada #GCKey #CanadaPost #TwoFactor

  16. Ich wollte mich heute im Google Browser am Laptop anmelden und sollte die 2 Faktor Authentfizierung im Auto bestätigen (Android Automotive mit Google Chrome) :D #androidautomotive #twofactor #it

  17. Have you ADDED 2FA to your website? Have you added 2FA to your hosting providers? Have you added 2FA to your keyvault in Azure?

    I have.

    Maybe you should even if you aren't an enterprise. #2fa #twofactor #cybersecurity

  18. If I want to migrate away from #Authy, which iOS App would I use these days?

    I only need an iOS app. It should sync via iCloud without the need for other external accounts or servers. If I could export the data for the case I want to migrate again, that would be perfect.

    No Chrome plugin, no desktop app. Nothing that saves my passwords together with ny #2FA codes. That would be absurd.

    Is 2FAS okay? It seems like it's pretty much the best choice currently.

    #TwoFactor #Security #iOS #AskFedi

  19. WordPress > Secure your account on wp.org

    Here is a good post about how to secure your account on wp.org with an additional security factor:

    Setup Two-Factor authentication on wordPress.org
    make.wordpress.org/meta/2023/0

    Just generated a passkey, set up a two-facor app and saved some backup codes. Only takes a few minutes and gives piece of mind.

    (Especially recommended for theme and plugin authors 😉)

    #WordPress #Login #Security #TFA #TwoFactor

  20. Me arrepiento de usar Authy de Twilio para gestionar la autenticación de doble factor. No solo porque ya no dan soporte en Linux, sino que además no te da la opción de exportar las claves para irte a otro software.
    Al final lo he conseguido usando un script creado por un héroe sin capa.
    Lección que estaréis cansados de escuchar: no usar software libre sale caro.
    #TwoFactor #twilio

  21. Ревизия аккаунтов потихоньку доходит до аккаунтов, которыми я не пользовался уже много лет. Смотрю, как сайты изменились.

    #DeviantArt позволяет "деактивировать" аккаунт. На странице показывает плачущего робота ( :blobcatwut: ) и подробно перечисляет последствия "деактивации".

    Задумался.
    Гуляя по аккаунту, набрёл на вкладку Authentication, где встретил прямо-таки золото: двухфакторный вход доступен только по платной подписке. :blobcatheadache:

    Я бы понял, если бы они отправляли SMS; но описание прямо там же утверждает, что код надо будет вводить из генератора — т. е. там банальный #TOTP, кроме разовых расходов на разработку эта фича ничего не расходует. :blobcatbolb:

    Ну ладно. (Отключил аккаунт.)

    #security #2fa #TwoFactor

  22. As so many people gather with families and friends, make a plan for yourself to set everyone up with real Two-Factor Authentication, at least on their primary email

    Give the gift of resilience

    ssd.eff.org/module/how-enable-

    #2FA #TwoFactor #infosec

  23. schneier.com/blog/archives/200

    This was written nearly 20 years ago… yet today… I see examples of this "wish it were two factor" all over the place.

    One being the leave booking system my workplace now uses (Oracle NetSuite).

    You want to do two-factor, fine, let's do it *properly*. FIDO2 WebAuthN.

    Want to pretend? Don't bother! (And people why I want to leave the IT sector?)

    #InfoSec #TwoFactor #rant

  24. I can now use a Yubi Key to lock my iPhone down even more

    Apple announces physical Security Key support for Apple ID two-factor, new iMessage verification technology 9to5mac.com/2022/12/07/apple-s

    #Apple #SecurityKey #AppleID #TwoFactor #iMessages

  25. In case this platform gets even more popular and changes from currently enjoyable to hosting slightly more shenanigans-prone people (prone to being either on the perpetrating or receiving end of the dishonest, mischievous grade of shenanigans), I just set my Mastodon account to 2FA in Preferences. Can recommend. #2FA #twofactor #security

  26. I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

    #Canada #GCKey #CanadaPost #TwoFactor

  27. I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

    #Canada #GCKey #CanadaPost #TwoFactor

  28. I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

    #Canada #GCKey #CanadaPost #TwoFactor

  29. I live in a country where the main federal government service sends account confirmation codes by postal mail. Maybe someone Francophone misheard "two factor" authentication and thought it was «du facteur» authentication?

    #Canada #GCKey #CanadaPost #TwoFactor

  30. Sandia Lab: Two-factor authentication just got easier. “Researchers at Sandia have announced a more efficient way to generate and send temporary security codes. Unlike conventional methods, the new technique does not depend on the time, which could help secure small and remote network-connected devices, including drones, remote sensors, agricultural equipment and industrial control systems.”

    https://rbfirehose.com/2025/07/29/sandia-lab-two-factor-authentication-just-got-easier/