this post was submitted on 26 Jun 2024
304 points (95.8% liked)
Cybersecurity - Memes
1964 readers
2 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The security level should be the user's choice. Maybe I don't care if my neopets account is hacked. Maybe the 2fa offered actually decreases security, like the SMS 2FA required by my 401k account that can be used as the sole recovery factor, bypassing the password. Maybe I'm accessing from a system configuration that makes 2fa really annoying, like a build system running inside a fresh VM on every run.
The service doesn't have the context necessary to know when 2FA is warranted.