2-Factor Authentication is maddening

Discussion in 'Community Help Center' started by WY7BG, Nov 9, 2019.

Thread Status:
Not open for further replies.
ad: L-HROutlet
ad: l-rl
ad: Left-3
ad: Subscribe
ad: OK1UUad-1
ad: FBNews-1
ad: L-MFJ
ad: Left-2
  1. WB2LBV

    WB2LBV Ham Member QRZ Page

    The 2FA code is sent to your device in real time when you go to log in. A phishing scam will redirect you to a fake site that looks like QRZ and will prompt you to log in, but can't reproduce the 2FA so even if you enter your email and password on the fake site they won't be able to access your account. That's the whole idea. Of course if this happens and you realize later that it was fake you should still change your password.
     
  2. ND6M

    ND6M Ham Member QRZ Page


    More complex = 2 words.

    like: Pass Word
     
  3. WB2LBV

    WB2LBV Ham Member QRZ Page

    You can have the most complex password in the world, but if you get tricked into entering it at a fake login screen on a phishing site you've still given it away.
     
    ND6M likes this.
  4. KV6O

    KV6O Ham Member QRZ Page

    Nothing is perfect. 2FA adds to security. You can argue all you want about it.
     
  5. WY7BG

    WY7BG Ham Member QRZ Page

    ...and no decent password vault program (or even a half decent facility, such as the one in Firefox) will yield up your password to a site with a wrong URL or invalid TLS certificate. So, as long as the password is complex and unguessable enough that a gullible user cannot easily bypass this protection by typing it in from memory, it won't happen.
     
  6. WY7BG

    WY7BG Ham Member QRZ Page

    And there's the problem. It affects your ability to BUY as well as sell, because if your identity is not shown as verified, people will not trust you as a buyer. 2-factor authentication should not be a prerequisite for that status. After all, the fact that you do not want to subject yourself to a byzantine login process does not mean that you're a scammer.
     
  7. W6TAB

    W6TAB XML Subscriber QRZ Page

    That is completely false. There are man in the middle techniques that will trick your browser into thinking it is connected to the real website. If you don’t believe this then you just don’t know what you’re talking about.
     
  8. KV6O

    KV6O Ham Member QRZ Page

    Here’s an easy way to look at it. If you want to post ads - for free- you abide by the site’s rules. Easy peasy!
     
    ND6M likes this.
  9. WY7BG

    WY7BG Ham Member QRZ Page

    Here's an easy way to look at it. If the site wants to be user-friendly, it won't burden users with needless, awkward hurdles to using it. Easy peasy!
     
  10. KJ4VTH

    KJ4VTH Ham Member QRZ Page

    User-friendly == scammer-friendly :oops:
     
    ND6M likes this.
Thread Status:
Not open for further replies.

Share This Page