[ARIN-consult] increasing 2FA take-up
owen at delong.com
Wed May 25 10:37:54 EDT 2022
In my case, no, I have not opted in to 2FA for ARIN. It’s a calculated risk. I believe my non-dictionary password provides sufficient protection against what can be done with malicious access to my account vs. the added inconvenience of 2FA.
> On May 25, 2022, at 07:27, Bram Abramson <bda at bazu.org> wrote:
> The current consultation is about rendering SMS a 2FA option, then making 2FA mandatory. But it also notes that TOTP 2FA has been available since 2015 with a 3.2 percent take-up.
> Optional 2FA is perhaps inevitably doomed to low take-up, but I it’s likely worth documenting any learnings from the implementation thus far, on the way to that 3.2 percent take-up:
> Have most folks involved in this discussion already activated 2FA (are we preaching to the converted)? If not — why has it made sense for you not to?
> Do we think most of the broader community is aware of the 2FA opportunity — and are there thoughts, UX or otherwise, on why the crushing majority of folks haven’t availed themselves of it?
> Thanks, and cheers,
> Bram Abramson
> bda at bazu.org / @bramabramson
> You are receiving this message because you are subscribed to the ARIN Consult Mailing
> List (ARIN-consult at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-consult Please contact the ARIN Member Services
> Help Desk at info at arin.net if you experience any issues.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ARIN-consult