Your phone number is interchangable with your real name, address, social media accounts etc. It's the very fricking definition of PII and anything that asks for it is data raping you.
>sends login to server about you attempting to login and your IP ADDRESS >sends you a phone ping to your mobile device geo locating your IP address >they now know your IP and location
hmmmm FUD's
It's only a data harvesting practice if it wants your phone number at any point(including to "send a code/link to enable") or wants you to install a special snowflake app for it like Steam does. If it uses something like google auth it's fine.
Your IP address already resolves to within a few blocks of your house at worst. And assuming you're not an idiot that leaves GPS enabled, only the feds are bypassing that, not some random internet company.
>Your IP address already resolves to within a few blocks of your house at worst
lol
LMAO
you stupid fricking moron. My IP shows as my city which is 50 fricking kilometers away. Besides imagine someones on CGNAT try resolving that you fricking moron.
I use nordvpn so I'm safe but normies don't and get 2factor tracked
1 month ago
Anonymous
the process literally does not phone anything
codes are synchronised on time and shared secrets
read
1 month ago
Anonymous
How does it know to push a notification to my phone?
1 month ago
Anonymous
If you use TOTP there is no push notification
1 month ago
Anonymous
But if the process does not need to phone anything, why use a phone?
Given it is constantly online, contaminated with security holes from dozens of other apps.
Its the worst idea ever to think of it as „secure 2FA“
1 month ago
Anonymous
it doesn't
half my TOTPs are in bitwarden which I use on my browser
1 month ago
Anonymous
aaand thats a wrapup. 4/10 OP, too obvious
/thread
>route everything through home connection >everything is seen from the same address
Oh no. Besides the 2FA part is only applicable to push notifications and those are optional.
>GIMMI BAK MA FOAM >*punches you in the face repeatedly* >GIMMI BAK MA FOAM BEEEEEEEECH >GIMMI BAK MA FOAM >GIMMI BAK MA FOAM >GIMMI BAK MA FOOOOOOOOOOOOOOAM
It's not data harvesting if you don't provide the data they're requesting.
Besides, web scrapers, keyloggers and other tools exist to obtain your data directly from you. if they can't authenticate without your approval, you're essentially stopping them from going any further.
Use the 2FA and quit your whinging.
2FA itself doesn't necessarily data harvest you. The one that sends a "is that you" message to your phone might though. I'm using ones where I can use Aegis for the 2FA tonen. Could be a totally offline device, so no harvesting there.
I had to interview a literal diversity hire mongoloid one time and she had a 'passions' section of her resume which included 'transitioning to a passwordless world' LMAO
I'm not a pedofile so I really don't care.
Don't want Pajeets, Changs, or Ivans breaking into my email or steam account.
Simple as.
Life is very simple and easy when you're not a criminal, paranoid schizophrenic
>do nothing wrong >become successful >become a credible threat to the establishment >suddenly find out you have cp on your computer when you randomly get raided
First hand, if you can make things they find valuable or that could compete with their grifter-shitstem-companies and you dont want to give it to them or work for them as a wagie they can be just like inner city gang thug members despite the Armani suits or nerdy outer appaerances.
what's the data harvesting part, besides knowing your phone/mail address?
>please daddy tie everything to my real name
how does your phone know your real name?
countries where you need to show id to buy a sim
sounds like a skill issue
Your phone number is interchangable with your real name, address, social media accounts etc. It's the very fricking definition of PII and anything that asks for it is data raping you.
>Your phone number is interchangable with your real name, address, social media accounts etc
No it isn't. Phone numbers are not private information.
That's the point, moron.
>practice
there is nothing to harvest with ToTp
>sends login to server about you attempting to login and your IP ADDRESS
>sends you a phone ping to your mobile device geo locating your IP address
>they now know your IP and location
hmmmm FUD's
It's only a data harvesting practice if it wants your phone number at any point(including to "send a code/link to enable") or wants you to install a special snowflake app for it like Steam does. If it uses something like google auth it's fine.
Your IP address already resolves to within a few blocks of your house at worst. And assuming you're not an idiot that leaves GPS enabled, only the feds are bypassing that, not some random internet company.
>Your IP address already resolves to within a few blocks of your house at worst
lol
LMAO
you stupid fricking moron. My IP shows as my city which is 50 fricking kilometers away. Besides imagine someones on CGNAT try resolving that you fricking moron.
>sends you a phone ping to your mobile device geo locating your IP address
this doesn't happen
I use nordvpn so I'm safe but normies don't and get 2factor tracked
the process literally does not phone anything
codes are synchronised on time and shared secrets
read
How does it know to push a notification to my phone?
If you use TOTP there is no push notification
But if the process does not need to phone anything, why use a phone?
Given it is constantly online, contaminated with security holes from dozens of other apps.
Its the worst idea ever to think of it as „secure 2FA“
it doesn't
half my TOTPs are in bitwarden which I use on my browser
aaand thats a wrapup. 4/10 OP, too obvious
/thread
>I use nordvpn so I'm safe
Your picrel is missing crucial info, namely, how do you stop phone sharing?
you don't need phone for totp
oathtool --totp -B yourcode
I use this for github, but god is this method well hidden and obscure. Like you have to decode a fricking qr code just to get the totp parameters.
>route everything through home connection
>everything is seen from the same address
Oh no. Besides the 2FA part is only applicable to push notifications and those are optional.
No they're not
a OPT doesn't require a phone
That phone and computer are stolen
>GIMMI BAK MA FOAM
>*punches you in the face repeatedly*
>GIMMI BAK MA FOAM BEEEEEEEECH
>GIMMI BAK MA FOAM
>GIMMI BAK MA FOAM
>GIMMI BAK MA FOOOOOOOOOOOOOOAM
>He doesn't know
It's not data harvesting if you don't provide the data they're requesting.
Besides, web scrapers, keyloggers and other tools exist to obtain your data directly from you. if they can't authenticate without your approval, you're essentially stopping them from going any further.
Use the 2FA and quit your whinging.
don’t use it then
>have service
>service starts forcing it
>no viable alternatives
What now goyim
Tough shit. I don't want to pay taxes to fund my country's moronic culture projects but I can't stop paying taxes unless I want to suck dick in jail.
by using a 2FA browser extension
2FA itself doesn't necessarily data harvest you. The one that sends a "is that you" message to your phone might though. I'm using ones where I can use Aegis for the 2FA tonen. Could be a totally offline device, so no harvesting there.
Use OTP in your password manager.
for me, it's the ones that will sms you a code to login with, but absolutely refuses to email it to you.
>How do we get rid of this data harvesting practice?
Don't use the site. Simple as.
https://addons.mozilla.org/en-US/firefox/addon/auth-helper/
>otp
>phone number
what.
Give it back, tyrone
I had to interview a literal diversity hire mongoloid one time and she had a 'passions' section of her resume which included 'transitioning to a passwordless world' LMAO
I'm not a pedofile so I really don't care.
Don't want Pajeets, Changs, or Ivans breaking into my email or steam account.
Simple as.
Life is very simple and easy when you're not a criminal, paranoid schizophrenic
Witness someone with clout or the son or daughter of someone with clout commit a crime and see how much it matters whether or not you're a petal file.
>do nothing wrong
>become successful
>become a credible threat to the establishment
>suddenly find out you have cp on your computer when you randomly get raided
First hand, if you can make things they find valuable or that could compete with their grifter-shitstem-companies and you dont want to give it to them or work for them as a wagie they can be just like inner city gang thug members despite the Armani suits or nerdy outer appaerances.
Please, come near me, I'm quitting smoking and I'm begging for an outlet.
https://www.youtube.com/@robbraxmantech/videos
https://f-droid.org/en/packages/net.stargw.fok/
Stop being stupid. And then stop being stupid.
Give it back Jamal
"penis golfball trumpet bricks horseshoe"
Wow that was fricking hard
They will get you one way or the other.
>inb4 saw the brown hands
Have nothing to hide from the service providers.
It's that easy. It really is.
2FA authentication is fine if it lets you use something other than a mobile number.
Requiring a cell number is just cancerous.
By using skin-based authentification.
>Black hands detected > automatically lock the account/device