MFA
Shortly after the security breach it seems recaptcha v2 was deployed. I believe v3 would be a much more user friendly and more secure method to confirm a user is not a bot.
Also, I just received probably the most jenky MFA I've ever seen in which the system challenged me for a code it had emails to my recovery email. In this day and age of authenticator apps and tokens I would much prefer something that was actually secure rather than relying on SMTP and the delay of emails. The other suggestion was to text the code, which I suppose is better than email, but no where near as good as any kind of authenticator app.
recaptcha v2 is annoying and not worth much for security. v3 is better.
Dana Brash
shared this idea
-
Dana Brash
commented
Oh, and the code got sent to my TC as well? no good
-
Dana Brash
commented
Shortly after the security breach it seems captcha v2 was deployed. I believe v3 would be a much more user friendly and more secure method to confirm a user is not a bot.
Also, I just received probably the most jenky MFA I've ever seen in which the system challenged me for a code it had emailed to my recovery email. In this day and age of authenticator apps and tokens I would much prefer something that was actually secure rather than relying on SMTP and the delay of emails. The other suggestion was to text the code, which I suppose is better than email, but no where near as good as any kind of authenticator app.
captcha v2 is annoying and not worth much for security. v3 is better.