• RecluseRamble@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    I wish. Every fucking bank has their own shitty app for 2FA instead of just using standardized and proven TOTP, no way around that.

    Same about school apps the article mentioned since it’s connecting to their (one of many) proprietary system, no website for that.

    And recently got into the home automation rabbit hole. Lots of devices that require their fucking app, sometimes with mandatory cloud account, just to connect! And people in reviews even praise how easy it is, it’s infuriating! I don’t need light bulbs connecting to the internet, thank you very much.

    • Silic0n_Alph4@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      Ha, sucker, you think your non-Internet-connected lightbulbs make you safe? My Internet-connected lightbulbs have sent my online-car to wardrive your neighbourhood and sniff your Zigbee network!

      …if you see my car please tell it to come back to me, I need to go to the shops…

    • wrekone@lemmyf.uk
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      I get emails from school, with a link that opens a 3rd party app, which only displays a link that opens in the default browser. I’ve asked the school to just send me direct links to the announcements, but they say they can’t. The site doesn’t require authentication, but the URLs have UUIDs so I can’t just guess what the link would be. The app is quite literally just a data exfiltration layer that does everything it can to make sure you can’t bypass it. Good luck getting any other parents to give a shit though.

    • RvTV95XBeo@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      3 days ago

      All of the banks I’ve used in the past utilize email or SMS for 2FA, which isn’t the most secure, but doesn’t require an app.

      • Prison Mike@links.hackliberty.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        They need to switch to Webauthn. SMS-based 2FA should’ve been big 10+ years ago, not today. I don’t really understand why this old style 2FA has been just now becoming popular lately.