[ARIN-consult] [ARIN-Consult] Consultation on Expanding 2FA Options for ARIN Online
Glen A. Pearce
arin-consult at ve4.ca
Wed Jan 25 07:37:30 EST 2023
On 24/01/2023 3:40 p.m., Adam Thompson wrote:
>
> I DO NOT WANT SECURITY that presents any significant chance of denying
> me access to my own accounts and resources. SMS or email-based 2FA
> schemes are a giant PITA, but both are fairly easily recoverable when
> (not if) I lose access to them. Are they good 2FA? No. Absolutely
> not. Are they better than nothing? Yes.
>
> This entire discussion feels like https://xkcd.com/538/ to me. If
> someone wants access to my ARIN resources, one of the easier ways in
> would be to physically threaten me or my family, and the best 2FA
> implementations in the world do nothing (AFAIK) to protect against
> that. The specific technique or technology involved won’t make any
> difference.
>
Pretty much my point in the previous consultation:
https://lists.arin.net/pipermail/arin-consult/2022-May/001665.html
Intruder traps or me carrying a firearm would probably do more to secure my
ARIN account (as a side effect of securing myself and my premises) than any
2FA would. Both of these measures pose...issues...under Canadian law
though...
Even the part from the mouse-over comment on that comic:
>Actual actual reality: nobody cares about his secrets.
Lines up with my comment:
>That said although IP space is valuable I don't think we are anywhere
>near people being kidnapped over it, especially a /24 that isn't eligible
>for a specified transfer for another 3 years.
--
Glen A. Pearce
gap at ve4.ca
Network Manager, Webmaster, Bookkeeper, Fashion Model and Shipping Clerk.
Very Eager 4 Tees
http://www.ve4.ca
ARIN Handle VET-17
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20230125/2d3faee1/attachment.htm>
More information about the ARIN-consult
mailing list