
I’ve recently become pretty disillusioned with 2FA in general.

Google has recently started enforcing their own “click yes on already authorized mobile device” 2FA, which is very frustrating.

I have hardware 2FA keys that I keep in a safe. I deliberately do not keep them on me, and using them to re-auth is mentally an “event”.

This is not the case with my cell phone, which my kids play with, gets left on my dresser while the cleaners work, etc.

Really pushing me to run my own services again, but that obviously comes with its own challenges.



Google lets you choose which authenticators to use (SMS, push to mobile, TOTP, etc). It sounds like you should disable push to mobile for your accounts.


You cannot disable this anymore. You can add a hardware key, but cannot disable the mobile confirmation thing.



