Comment by bee_rider
2 years ago
If you have 2FA and one part of it is easily figured out, then you have one factor authentication.
If you cared enough about the authentication in the first place to bother with 2FA, then I guess it seems like the reduction there is still something to be worried about, right?
Lots of “two factor authentication” schemes seem to involve just getting a text or something, so, not very secure at all. Of course, this is bad 2FA, but it is popular.
Perfect is the enemy of good. Text based 2FA is compromisable relatively easily but at least it's an extra hurdle.
It's the "or just" being the issue there, not the "use 2fa".
which is the point of 2fa – when the 1st factor fails the 2nd holds