Replies: 1 comment
-
@skyzyx there's lots of websites spreading the word on online security and authentication solutions. 2fa.directory spreads awareness about one of those solutions, multi factor authentication. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Information about the feature to be added:
There are a lot of complex ideas to unpack here, but I'll try to be brief. These are, I believe, fundamental truths about authentication.
Therefore, I would like to respectfully request that the definition of "2FA" used by this site evolve from the literal definition to something that allows sites to do better things, even if it's still technically single factor.
One of these examples is Passkeys, which can be used in place of username + password.
Another of these is "passwordless" authentication. I've seen the Contribution Guide, and understand the use of the literal definition of two-factor, but this is something I'd request we redefine.
There is no perfect "silver bullet" here, and I'm not asking we try to synthesize one.
Maybe separate passwordless-via-email (where most email providers have a web-facing password login, and therefore are some definition of "less secure") from passwordless-via-app (using a phone/tablet is more personal, and does not have a web-facing password login, and therefore is some definition of "more secure").
Are we trying to list sites with literal multi-factor authentication, or are we trying to provide information that can inform and enable users to make themselves more secure?
If it's the former, then nevermind. But if it's the latter, I'd love to see a more comprehensive "better than the status quo" listing that includes secure alternatives to literal 2FA (where 2FA is one solution to the problem, but not treated as the only solution to the problem).
Thanks for considering.
Beta Was this translation helpful? Give feedback.
All reactions