<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr"></div><div dir="ltr">In my case, no, I have not opted in to 2FA for ARIN. It’s a calculated risk. I believe my non-dictionary password provides sufficient protection against what can be done with malicious access to my account vs. the added inconvenience of 2FA. </div><div dir="ltr"><br></div><div dir="ltr">Owen</div><div dir="ltr"><br></div><div dir="ltr"><br><blockquote type="cite">On May 25, 2022, at 07:27, Bram Abramson <bda@bazu.org> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr">
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
<div style="font-family: sans-serif;"><div class="markdown" style="white-space: normal;">
<p dir="auto">All,</p>
<p dir="auto">The current consultation is about rendering SMS a 2FA option, then making 2FA mandatory. But it also notes that TOTP 2FA has been available since 2015 with a 3.2 percent take-up.</p>
<p dir="auto">Optional 2FA is perhaps inevitably doomed to low take-up, but I it’s likely worth documenting any learnings from the implementation thus far, on the way to that 3.2 percent take-up:</p>
<ul>
<li>
<p dir="auto">Have most folks involved in this discussion already activated 2FA (are we preaching to the converted)? If not — why has it made sense for you not to?</p>
</li>
<li>
<p dir="auto">Do we think most of the broader community is aware of the 2FA opportunity — and are there thoughts, UX or otherwise, on why the crushing majority of folks haven’t availed themselves of it?</p>
</li>
</ul>
<p dir="auto">Thanks, and cheers,</p>
<hr style="border: 0; height: 1px; background: #333; background-image: linear-gradient(to right, #ccc, #333, #ccc);">
<p dir="auto">Bram Abramson<br>
<a href="mailto:bda@bazu.org" style="color: #3983C4;">bda@bazu.org</a> / @bramabramson</p>
</div></div>
<span>_______________________________________________</span><br><span>ARIN-Consult</span><br><span>You are receiving this message because you are subscribed to the ARIN Consult Mailing</span><br><span>List (ARIN-consult@arin.net).</span><br><span>Unsubscribe or manage your mailing list subscription at:</span><br><span>https://lists.arin.net/mailman/listinfo/arin-consult Please contact the ARIN Member Services</span><br><span>Help Desk at info@arin.net if you experience any issues.</span><br></div></blockquote></body></html>