On 2022-10-24 11:23, Ingo Klöcker wrote:
On Montag, 24. Oktober 2022 09:19:49 CEST Christoph Cullmann
(cullmann.io)
wrote:
I think it is rather worse that now first time contributors have this
requirement.
Do you have proof for this, e.g. a study, or is this just your
Bauchgefühl
(gut feeling)?
I can not proof this.
I only know that even for myself this makes it a lot more work to login,
if I don't start to setup an application for that on my tablet and main
machine
and work machine, too.
But I see the point that it makes sense for accounts with elevated
rights.
There is plenty of proof (e.g. TBs of leaked password databases) that
lots of
people use insecure passwords and that lots of people reuse the same
"secure"
password everywhere. 2FA protects those ignorant people. If the 2FA-
requirement on invent helps to make more people aware of 2FA, then
that's a
good side-effect.
Besides, my hope is that with FIDO2 "soon" passwords will be a relic of
the
past.
That is a nice dream, but IMHO very unlikely in the near future.
Greetings
Christoph
Regards,
Ingo
--
Ignorance is bliss...
https://cullmann.io | https://kate-editor.org
