Hacker News new | past | comments | ask | show | jobs | submit login

One simple password is never adequate as that then trains the user to continue doing that across other sites - regardless of their use of 2FA.

I've found the best solution for me is to use a password manage (Personally, I use LastPass) and enable MFA/2FA across everything that allows it.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact