I’ve been going through updating all of my accounts (passwords, 2FA, etc.), and I’ve noticed that there are a lot of sites that don’t offer any form of MFA.
I can understand smaller services that might not have the bandwidth, but surely larger organisations are able to get this setup?
The worst here are financial institutions. What do I want the most security on? My money.
I get that they have regulations, but it annoys me all the time.
The worst part of those is when they do support 2FA, but it’s text-only. No app authentication or hardware key option.
Like it’s something, but it’s easily the least secure option, and probably the most expensive since it requires operating an additional SMS portal for those codes.
This one I can understand, if something somehow goes wrong with your 2FA you’re locked out of your money
Not if you can walk into a branch.
Not every financial institution has brick and mortar locations.
I know, which is why I said IF.
No you’re not?! You seriously think the bank would just say “nope. No 2FA you’re fucked all your monies are ours now”.