Post AxqFOLFZBUQCwhYSbw by elfin@mstdn.social
 (DIR) Post #AxqFOCkmm32wav5lWS by leerayl@infosec.exchange
       2025-09-03T20:23:56Z
       
       0 likes, 0 repeats
       
       Just logged into the infosec.exchange webpage vs. Ivory and got a notice to turn on 2FA and I am surprised it was not turned on. If you are on an instance that supports MFA, please make sure your account is set up. If the InfoSec server says it is long past time we do it, you all on other instances need to heed the call. GO SET YOUR MASTODON PROFILE MULTIFACTOR NOW! TL;DR - Mastodon clients may not fully or easily show you server notices, go and log in via web, hit the megaphone (or similar icon) on the top of your feed
       
 (DIR) Post #AxqFODq8jcvJxobYVU by elfin@mstdn.social
       2025-09-03T21:24:37Z
       
       1 likes, 0 repeats
       
       @leerayl No. I'm InfoSec (and I have an account at .exchange that I never use). 2FA is bullshit. I know this is spitting in the face of "Modern Security Strategies" but 2FA is a RISK, not a SOLUTION and I wish to Fuck people would wrap their heads around this. I have to go to a third party that I probably don't trust (Meta, Google, my HOA, etc.) to get a second set of keys so I can get into my own home WHILE my HOA is selling data of my comings and goings? That's fucking asinine. 1/2
       
 (DIR) Post #AxqFOLFZBUQCwhYSbw by elfin@mstdn.social
       2025-09-03T21:29:30Z
       
       1 likes, 0 repeats
       
       @leerayl I recently lost my phone and am using a burner because I'm waiting on my replacement *actual*. Guess how much stuff I am/was locked out of. (Another thing that irks me is Phone As Identification bullshit our industry embraces, and why not? More data to sell! (Twots.)) Go ahead. All things Google (until I unfucked some of that from my laptop), my goddamned banking (Fuck FinTech in particular). I don't even like "You haven't logged in for a month/OMG New Browser! => one time code". 2/3
       
 (DIR) Post #AxqFZZltXBpfAW26d6 by feld@friedcheese.us
       2025-09-03T21:33:27.068627Z
       
       1 likes, 0 repeats
       
       @elfin @leerayl I agree. For most people it's a risk. These companies have pushed the burden onto the users and nobody seems to care enough about "what happens if you lose your 2FA device?" This is why when I do 2FA I prefer having multiple Yubikeys (one kept in a lockbox) or the TOTP in a password manager I have synced to multiple devices. It's much harder for me to get completely locked out.