undefined | Better HN

0 pointssneak4y ago0 comments

The pain in the ass is why it should be used as an primary app-based 2FA recovery mechanism.

Doing 2FA via app is fine for most users. The failures happen when users lose their phone and need to reset 2FA. That's where the pain in the ass (but secure pain in the ass) of U2F would come in handy, to re-enroll primary 2FA.

Nobody presently has good ways of doing 2FA resets. U2F hardware is a near-perfect solution.

0 comments

thinkharderdev4y ago

It's a near perfect solution assuming nobody ever loses their U2F device.

moepstar4y ago

This is why you get two, one primary and one backup - they (Coinbase) actively encourage you to enroll two (or more, i think the limit is 5 or 6).

Also, their mobile app recently was updated to support NFC Yubikeys...

j / k navigate · click thread line to collapse