I use google auth for several forced 2FA sites and a few sites where what I am protecting is worth the hassle. One difficulty that quickly emerges is managing and finding the correct Totp in the long unsorted list.
It’s no big deal when you have 6 or even 10, but as it approaches 100 different totp strings, it does become a hassle. 2FA is great where it makes sense, but contrary to the rhetoric here, it is not without trade offs. Owen > On May 28, 2022, at 16:24, goemon--- via NANOG <[email protected]> wrote: > > On Sat, 28 May 2022, Jim Popovitch via NANOG wrote: >> On Sat, 2022-05-28 at 11:36 -0700, Randy Bush wrote: >>>> I am not in the ARIN region but I have attended few Arin meetings. >>>> As a comment, I live a country were mobile roaming does not >>>> exists, >>>> therefore, when 2FA only works with SMS I can not use the service. >>>> Having >>>> said that, please consider at least one more way to perform 2FA, >>>> maybe send >>>> a code to the email address or something else. >>> i use google authenticator with arin.net >> There's also the RedHat supported app FreeOTP. > > There are lots of inexpensive hardware TOTP tokens as well. > > Personally when I have to 2fa where sms is not possible, I use a token2 > molto-1. > > -Dan
