On Fri, Apr 12, 2024 at 04:50:13PM -0500, Chris Adams wrote: > Once upon a time, Richard W.M. Jones <rjones@xxxxxxxxxx> said: > > So the problem with github is they don't allow you to have 2FA on a > > backup device (or rather, it *is* possible, but the process is > > ludicrous[1]). If you have your phone as second FA and lose it then > > you have to immediately fall back to the piece of paper. > > I haven't seen a site with TOTP 2FA allow multiple TOTP codes, they all > just store one. It's trivial to scan the TOTP code into multiple > devices (depending on the software used, you can sometimes "export" a > TOTP code from one device to another by showing a QR code on the first > device), so that's hardly a "ludicrous" method. I sometimes think how hard it would be to explain all of this to my mother. I don't understand why 2FA needs to be so obscure and clumsy to use. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 100 libraries supported. http://fedoraproject.org/wiki/MinGW -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
