It doesn’t help that most password managers kind of suck, you have to do a lot of manual work as a user sometimes.
I wish websites would start supporting Webauthn/FIDO2 sometime soon. I’m sick of SMS-based 2FA becoming more popular lately (like 10 years late).
Yeah, the bank that manages my mortgage has mandatory text message 2fa if you're on a new computer. And something about Firefox keeps it from remembering my machine, so I have to do the text message 2fa everytime.
Right now it's working fine, but they had a period of a few months where the text messages would take 10-15min to send after you tried to log in, and the log in attempt would expire after 5 min, making it impossible to log in. All of which could be avoided if they would let me use a 2fa app.
cookies, firefox has protection against trackers, go to your bank site and click in the shield an the top left and disable it
I’ve configured 2FA with my bank using verification codes (can’t think of the proper name, it’s that Authy-/Google-style 2FA c. 2010) but then never utilizes it — it pretends that’s not set up and requests the SMS code. 🫠
The thing you are thinking about is called TOTP or timed one time password.
It doesn’t help that most password managers kind of suck, you have to do a lot of manual work as a user sometimes.
I wish websites would start supporting Webauthn/FIDO2 sometime soon. I’m sick of SMS-based 2FA becoming more popular lately (like 10 years late).
Yeah, the bank that manages my mortgage has mandatory text message 2fa if you're on a new computer. And something about Firefox keeps it from remembering my machine, so I have to do the text message 2fa everytime.
Right now it's working fine, but they had a period of a few months where the text messages would take 10-15min to send after you tried to log in, and the log in attempt would expire after 5 min, making it impossible to log in. All of which could be avoided if they would let me use a 2fa app.
cookies, firefox has protection against trackers, go to your bank site and click in the shield an the top left and disable it
I’ve configured 2FA with my bank using verification codes (can’t think of the proper name, it’s that Authy-/Google-style 2FA c. 2010) but then never utilizes it — it pretends that’s not set up and requests the SMS code. 🫠
The thing you are thinking about is called TOTP or timed one time password.