I’m sure you feel the same about locks on your car and on your home. I mean, those silly keys, eh? They get so much in the way of going in and out and just using those things. Better if we dispensed with keys entirely, and just left everything unlocked and instantly available.
If I get locked out of Google or Amazon or Facebook I can talk to the hand at best with no recourse at all. A lot of 2FA hardware is garbage, like the Yubikey I had that had the hole attaching it to my keychain worn out in less than two years -- it could have fallen away and been lost.
The options are varied, and are really only nerfed by obscurity of both the platform and your handle in terms of its doxxability.
Bender•1h ago
For the rest of us, probably just simple / basic password complexity and some attempt at detecting brute force if that is not already a thing. My personal preference for any site would be to also have an option for cidr/IP approve-list.