14  
 

2 Factor Auth

Since I am using throttle for a lot of accounts (many of which have billing info) that turns throttle itself into a single point of failure. It would be great if I were able to trust that throttle is a secure place to store that kind of information. 

2 factor authentication would be a good first step toward doing so. 

5 replies

s

Taurean, this one's interesting!

I'd love to see if there's more demand; to others here, be sure to vote on this item (and any others) that you also want.

I don't know if I'd use it personally, but he does make a good point. Someone breaks into the Throttle DB system and all our emails are public knowledge. At that point I wouldn't even be concerned by my 22-character password being compromised...

This would be awesome as I use 2FA for all my accounts that have it. There's many ways to do it:

  • Authy's API which provides SMS or App codes OR a accept/deny notification (https://www.authy.com/developers/)
  • Clef replaces the username and password entirely by scanning a Wave similar to a barcode (https://getclef.com/developer/)
  • Passwordless.net to log in with a link sent to your email (like the verify your account emails but to log in each time)
  • Auth0 for Email Link or Code, SMS, and Social providers.

And of course there's lots more also.

s

Hey Brandon, thank you for the recommendations!

I, for one, would love to have 2 factor Auth.

Because... you know, email is pretty serious stuff. And you can't trust a lonely password :-)

2-factor authentication is a must. All top-tier web services use it.