top | item 38946983

(no title)

Gentil | 2 years ago

We are currently in this mess off app store monopolies issue because of Google and Apple. PWA is trying to be the solution to this. Why would you upload it and repeat the same mistakes all over again?

It's like those people who use 2FA TOTP functionality along with the password managers. My friend, that defeats the whole purpose of 2FA. It's not just supposed to be an extra step, it is supposed to be isolated in another device from where your passwords are not. And 2FA's are NOT supposed to be in the cloud.

But this will happen. Because VC's will tell them to do this. And thus people it will eventually become a norm. sighs

discuss

ghusto|2 years ago

> It's like those people who use 2FA TOTP functionality along with the password managers. My friend, that defeats the whole purpose of 2FA.

It defeats _one_ of the purposes, and if that's not _your_ purpose, than it's acceptable to you. One of the purposes of 2FA is to stop randos in non-extraditable-country-x hacking your account by attacking just your password.

What it doesn't cover is protection from having your machine compromised, since as you've pointed out, everything is in once place (in memory if the password manager is unlocked). For me that's an acceptable risk-to-convenience trade, since I'm in much bigger trouble if my machine is compromised anyway.