The hassle and delay is part of how it works. If there was a seamless catch all then it wouldn’t be feasible to make it secure.
Having a second physical factor, as much as it can be a hassle, is much better than any single factor.
Your password can be breached, brute forced, bypassed if there’s an issue somewhere.
Your biometrics can’t be changed so anything that breaks them (such as the breach of finger prints in databases, etc) makes them moot.
A single physical token can be stolen and/or potentially cloned by some attack in physical proximity (or breach of an upstream certificate authority)
But doing multiple of those at the same time. That’s inordinately much harder to do.
I will say the point/gist of the article is a good one. The variety of types some used here and others used there does make it a hassle to try to wrangle all the various accounts/logins. Especially in their corporate and managed deployment which isn’t saving passwords and has a explicit expiration of credential cache (all good things)
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
Video game news oriented community. No NanoUFO is not a bot :)
Posts.
News oriented content (general reviews, previews or retrospectives allowed).
Broad discussion posts (preferably not only about a specific game).
No humor/memes etc…
No affiliate links
No advertising.
No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
No self promotion.
No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
No politics.
Comments.
No personal attacks.
Obey instance rules.
No low effort comments(one or two words, emoji etc…)
Please use spoiler tags for spoilers.
My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.
The hassle and delay is part of how it works. If there was a seamless catch all then it wouldn’t be feasible to make it secure.
Having a second physical factor, as much as it can be a hassle, is much better than any single factor.
Your password can be breached, brute forced, bypassed if there’s an issue somewhere.
Your biometrics can’t be changed so anything that breaks them (such as the breach of finger prints in databases, etc) makes them moot.
A single physical token can be stolen and/or potentially cloned by some attack in physical proximity (or breach of an upstream certificate authority)
But doing multiple of those at the same time. That’s inordinately much harder to do.
I will say the point/gist of the article is a good one. The variety of types some used here and others used there does make it a hassle to try to wrangle all the various accounts/logins. Especially in their corporate and managed deployment which isn’t saving passwords and has a explicit expiration of credential cache (all good things)