Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Really? At what point do we blame the victim because this is so obvious to me.

I keep the TOTP and only sometimes keep the backup codes

I avoid the issue created from losing my phone, because the next device can generate codes immediately by importing or scanning the TOTP

I also don’t call it “2 factor” I just call it “one time passcode”



Nothing is "obvious" in tech any more, because there is simply too much. Two "tech savvy" people will often each have things they think is "obvious" that the other isn't familiar with.

And this isn't even a good example of something that is "obvious" to some people, because Google makes it very, very clear that saving the QR code is NOT a backup option. It is labeled only as a mechanism to transfer to a new phone, so one has no reason to believe that it's non-ethereal. Further, the app disallows taking a screenshot. You have to point a camera at your phone. It's mind-blowing to suggest that it might be appropriate to blame the user for not doing this.


all TOTP is the same

it doesn't matter what Google says is normal

is this really people's only experience with TOTP delivered via QR codes?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: