top | item 31274074

(no title)

anthony_r | 3 years ago

> Which is rather likely, because why else would big tech companies push this if it didn't benefit them in some way?

They switched to this internally a long time ago which basically eliminated phishing attacks against employees. There are security teams inside those megacorps that have a general objective of reducing the number of account takeovers, and non trivial resources to accomplish that. Not everything is a conspiracy.

Also, I am sure you will be able to stick to just passwords for a pretty long time while the world moves on to cryptographic authentication. I'm not being sarcastic here.

discuss

matheusmoreira|3 years ago

> There are security teams inside those megacorps that have a general objective of reducing the number of account takeovers

The same corporations that routinely intercept all network traffic.

danuker|3 years ago

> There are security teams inside those megacorps that have a general objective of reducing the number of account takeovers

Said security teams have at most zero incentive that the privacy of the policy subjects is preserved.

raxxorraxor|3 years ago

Yes, they also track the behavior of their employees. It is security for them and not for the user in many cases. In a perfect world those incentives align but they don't have to.