productceo | 3 years ago
I never understood MFAs. In terms of ability to "log back in", it creates more "weakest links", where failure of one can lock me out of all.
Most consumers don't, but I use 3+ phones at a time, picking up whichever one has battery and is near me, and replace phones multiple times a year. MFAs and similar "future-looking" security solutions seem to target majority cases, whereas I think such security solutions need to support edge cases.
Currently, my best guess is magic links where I can set aliases like "this particular email" to be the source of truth, such that I can lose a device or two and still access the email, and still replace the entire email if the email is compromised (or regularly, just for best practice). But definitely does not feel satisfying...
Big respect for experts who are thinking about this problem day and night to solve it for humankind. Seems hard and is definitely critically important!