If you set login to require 3/10 then 3 of those ways would need a security flaw... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Thorrez on Aug 24, 2020 \| parent \| context \| favorite \| on: Finding vulnerable Twitter accounts with expired d... If you set login to require 3/10 then 3 of those ways would need a security flaw before your account is compromised.

r3muxd on Aug 24, 2020 [–]

and then you'd need 3 factors just to log in, let alone any additional MFA those have

Thorrez on Aug 25, 2020 | [–]

Yeah, I guess it could be inconvenient. On the other hand for many things I don't need to log in very often due to cookies keeping me logged in.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact