I use google auth for several forced 2FA sites and a few sites where what I am protecting is worth the hassle. One difficulty that quickly emerges is managing and finding the correct Totp in the long unsorted list. It’s no big deal when you have 6 or even 10, but as it approaches 100 different totp strings, it does become a hassle. 2FA is great where it makes sense, but contrary to the rhetoric here, it is not without trade offs. Owen
On May 28, 2022, at 16:24, goemon--- via NANOG <nanog@nanog.org> wrote:
On Sat, 28 May 2022, Jim Popovitch via NANOG wrote:
On Sat, 2022-05-28 at 11:36 -0700, Randy Bush wrote:
I am not in the ARIN region but I have attended few Arin meetings. As a comment, I live a country were mobile roaming does not exists, therefore, when 2FA only works with SMS I can not use the service. Having said that, please consider at least one more way to perform 2FA, maybe send a code to the email address or something else. i use google authenticator with arin.net There's also the RedHat supported app FreeOTP.
There are lots of inexpensive hardware TOTP tokens as well.
Personally when I have to 2fa where sms is not possible, I use a token2 molto-1.
-Dan