Two-factor authentication is the "Are you sure you want to *X*?" pattern applied...

muxl · on July 31, 2020

2FA isn't double checking to make sure you meant to log in. It's verifying that you are the person logging in. Alert fatigue is a real issue as you point out and we need to make sure to not overwhelm users which is one major benefit of federated authentication.

The problem with taking an "undo" philosophy here is that it's very hard (impossible?) to undo the transfer of information which is what attackers are after in many breaches.

swores · on July 31, 2020

It's one thing if I accidentally delete a file without a warning, but can easily undo it.

But if someone logs in to access my files without authorisation... they've got them now. I can't click undo on them having read my private emails, or whatever the 2FA/other security was protecting.

jjoonathan · on July 31, 2020

Right, how does GP suggest we undo the act of giving out information? Deploy an ICBM to the geolocated IP that we just accidentally handed out private information to?

wlll · on July 31, 2020

> Do you really believe that I don't understand the "purpose of 2FA"? Come on.

Yes. Nothing you wrote leads me to believe you do understand the purpose of 2fa. You can complain all you like, but to me, and apparently others, it seems that you don't from what you wrote. If what you write is misleading to so many people then perhaps rather than complaining about people mis-interpreting what you wrote you might re-visit the thing you wrote.

A: The colour black is white.

B: That's ridiculous.

A: I entirely understand the difference between the colour black and white, "Be more charitable".

thephyber · on July 31, 2020

Perhaps, but you're missing the entire purpose of 2FA: the "Are you sure you want to X?" is out of band by definition. The first factor is the things you know: username and password. The second factor is something you have.

If a specific 2FA implementation is not out-of-band, that would make it useless as a 2FA and it would be as you describe.

yourapostasy · on July 31, 2020

That's a novel way to look at 2FA/MFA, I like it.

I can't think of a way to "undo" in this scenario without some settlement pattern. You can do whatever you want, but it doesn't "commit" until some settlement clears. In this case, still leading back to some kind of "Are you sure[...]" question, except to review in batch, like someone reviewing a bank statement.

Some people like reviewing in batch, some progressively, depending upon their individual perception of the cognitive load involved for them.

Tough to economically prevent spoofing though, when you start dropping aspects of authentication, integrity and non-repudiation. I suspect we can't substantially move that "Are you sure[...]" question's boundary until wearables become implants like a neural lace-grade implant.

cxr · on July 31, 2020

(Congratulations on having been the only respondent here to actually have said anything worthwhile. Too late to be able to edit in another addendum to my comment, though.)

pythonaut_16 · on July 31, 2020

Wait, are you arguing that 2FA is a waste of time/not actually effective? What alternative do you propose then to provide additional security to accounts?

Or are you arguing purely in the sense of SMS and Email based 2FA?

NovemberWhiskey · on July 31, 2020

Perhaps rather than complaining that people are unable to see the rather inscrutable analogy that you made, you could help them understand it?

kristopolous · on July 31, 2020

The entire industry has moved from a presumption of competency to a presumption of profound, remarkable incompetency.

So insightful things get interpreted as incompetent ramblings. So we're left with virtue signaling. It's a terrible culture.