• Rentlar
    link
    fedilink
    English
    151 month ago

    I am very shitty on security (I would not write this reply on a post on the cybersecurity community), and I resisted MFA for several years as being too annoying having to login to mail/SMS. After finding open source apps supporting TOTP, I feel better about it and I manually do the syncing by just transferring the secrets between my devices offline.

    Passkeys are another foreign thing that I think I will get used to eventually, but for now there are too many holes in support, too much vendor lock-in (which was my main distaste for MFA, I didn’t want MS or Google Authenticator), and cumbersome (when email and SMS were the only options for MFA, difficulty of portability for passkeys).

    • Encrypt-Keeper
      link
      fedilink
      English
      31 month ago

      So the problems you have with them are already solved, in the exact same ways they were solved for password/MFA. If you let Apple manage everything for you, it doesn’t matter whether you’re using passwords or passkeys, you’re locked in either way. But you always have the option to manage your passkeys manually (just like you’re doing with your TOTP) or using a third party cross-platform solution that allows for passkey import and export.