Monday, July 4, 2022

But it's "for your security"

from here and here

Twitter and Facebook have both been caught misusing the 2FA details for ad targeting and they are probably not alone.

There are many ways that online sites could have chosen to implement two factor authentication. It stretches credulity to think that they just happened by accident to choose the one that benefits their advertising businesses.

No, I think any security benefits were actually a secondary concern and that's why the online world has settled on a technology that is actually inferior from a security perspective.