Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
The security level should be the user’s choice. Maybe I don’t care if my neopets account is hacked. Maybe the 2fa offered actually decreases security, like the SMS 2FA required by my 401k account that can be used as the sole recovery factor, bypassing the password. Maybe I’m accessing from a system configuration that makes 2fa really annoying, like a build system running inside a fresh VM on every run.
The service doesn’t have the context necessary to know when 2FA is warranted.
No 2FA on an account these days is like having a fucking bead curtain for a front door.
The security level should be the user’s choice. Maybe I don’t care if my neopets account is hacked. Maybe the 2fa offered actually decreases security, like the SMS 2FA required by my 401k account that can be used as the sole recovery factor, bypassing the password. Maybe I’m accessing from a system configuration that makes 2fa really annoying, like a build system running inside a fresh VM on every run.
The service doesn’t have the context necessary to know when 2FA is warranted.