Comment by bjourne
6 days ago
Microsoft showing 2FA down everyone's throat is quite painful. I don't for a second believe they are only using my phone number for authentication. They are storing the data and they are correlating it with other apps they force 2FA on.
So don't give them your phone number.
Arguing against 2FA is like arguing that they shouldn't bash your password because it means you can't see your password to help remember it.
Um, no? Arguing against 2fa is I don't want to cede even more PII with the American tech oligopoly which, no doubt, will share said PII with the American regime.
What PII?
You store a TOTP secret on your <device>....
It's less PII than an ssh public key because it's literally just a random string, that *they* generated, and you only need it for the web UI.
So please tell me how the Americans are going to track and identify you through a fucking TOTP secret.
2 replies →
s/bash/hash/