Hacker News new | past | comments | ask | show | jobs | submit login

And another one is to try passwords from previous database dumps against your email/etc. This is even more effective then using malware.

If you are able to use a second device for your 2FA, great but it is not always possible and 2FA on the same device is still better then no 2FA at all. I don't want to carry around a key just for all my 2FA passwords but still want to use my phone for common tasks that require 2FA.




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: