New device and a multifactor nuisance

Oct 18, 2012 01:08 · 149 words · 1 minute read

Two-factor authentication (2FA) is great. Thanks to 2FA, even if someone manages to figure out my password, they still need to have physical access to my phone. Well, I actually have two phones that I switch between, so they need access to one of those two phones. I just got a new phone to replace an aging one. I use three different services that support Google Authenticator. Guess what? Now I need to reset the 2FA on all three of those services so that my new device has the secret.

Sure, this is a first world problem, blah blah. But, what I’d really love to see is 2FA tied into Persona (BrowserID) and all of the sites I log into support Persona. Then I only have one password to know, one 2FA secret. It would eliminate the need for a password manager. Convenience and security. Sounds grand, doesn’t it?