[ARIN-consult] Consultation on Requiring Two-Factor Authentication (2FA) for ARIN Online Accounts

Gert Doering gert at space.net
Wed May 25 14:16:55 EDT 2022


On Wed, May 25, 2022 at 11:41:14AM -0400, Ross Tajvar wrote:
> > I remain unconvinced that inflicting 2FA on me solves a real problem that
> > actually exists.
> I'm not sure why you (and others) seem to think 2FA is so incredibly
> inconvenient. In my experience, it only takes a few extra seconds, or a few
> extra clicks/taps depending on how it's set up. The added overhead really
> is very small.

I'm generally in favour of 2FA.

But then... last week, RIPE meeting in Berlin, with physical presence
there.  Tried to log into the RIPE access system, only to discover that
The Device that has *this particular* 2FA token was left at home.

A few months before, trying to go to Teams for a customer that required
"set up 2FA initially" for that account - and then turned it on for
"must use 2FA once a week".  Yeah, no big deal.  2FA token was on an
Android device that was decommissioned because "old and half broken",
and of course, Android-to-Android "new phone!" transfers don't do that.

Do I have a Yubikey?  Yes, of course.  Do I not use it for all I should?
Yes, because I carry around enough stuff with me...

Just anecdotes, and me having not enough foresight?  Of course.

But 2FA is not "just a few moments and then it won't bother you 
anymore, ever".

Gert Doering
        -- NetMaster
have you enabled IPv6 on something today...?

SpaceNet AG                      Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14        Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen                 HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444         USt-IdNr.: DE813185279

More information about the ARIN-consult mailing list