gilbertf
MFA is being forced (DSP2 for EU) onto users to force them to depend upon something they wear.
And because something they wear is something they can/will loose (or stop working in the case of smartphone), this will soon result into 2FA skin-implants being suggested to resolve the very problem they caused in the first place.
A physical card of 100 random numbers was so cheap, simple and worked so well. It had to be replaced by SMS & Android in order to ensure you’re GSM-geolocalisable anytime you connect.
2FA pro:
You keep hackers for accessing your account in case your password compromised.
But you loose: The ability to use your account if your smartphone is
- outdated
- lost
- stolen
- without network (traveling or any other reason)
- with no battery,
- … or Google decided god knows what about your Android device.
Each of these factors being way more probable and possibly as annoying as the hacker’s access scenario.
At the very least it’s a trade-off that should have been left to user decision instead of provider’s choice.