B

Sat, Jun 20, 2020 12:14 PM

Confirmation Emails vs 2-Factor

I appreciate the security you're trying to put behind people logging into their dashboards and mobile apps, but I think a more modern 2-factor approach would be at least including options for Google Authenticator, or SMS code delivery.

Just my .02

Captain

 • 

4.7K Messages

2年前

@BrianDaniel many services. like Ally Bank and Amazon, do go the extra mile with security without specifically using 2FA with "trusted devices".  SS does the 2FA once with your browser and device and once confirmed, you're done.  Clear out your cookies and you will have to revalidate via email.

Advocate

 • 

2.8K Messages

2年前

Captain, I'm still having to re-validate, every single time.  I rarely even log into the control panel anymore because after (months ago) days and days and days of "did ya do this, did ya do that, oh well we can't replicate that on our end, it must be your problem", I've stopped caring anymore.  It really is an obnoxious 2FA, and it doesn't work properly for everyone.