FYI - 2FA to be come mandatory for ARIN Online? (was: Fwd: [arin-announce] Consultation on Requiring Two-Factor Authentication (2FA) for ARIN Online Accounts
Owen DeLong
owen at delong.com
Sun May 29 05:04:56 UTC 2022
I use google auth for several forced 2FA sites and a few sites where what I am protecting is worth the hassle. One difficulty that quickly emerges is managing and finding the correct Totp in the long unsorted list.
It’s no big deal when you have 6 or even 10, but as it approaches 100 different totp strings, it does become a hassle.
2FA is great where it makes sense, but contrary to the rhetoric here, it is not without trade offs.
Owen
> On May 28, 2022, at 16:24, goemon--- via NANOG <nanog at nanog.org> wrote:
>
> On Sat, 28 May 2022, Jim Popovitch via NANOG wrote:
>> On Sat, 2022-05-28 at 11:36 -0700, Randy Bush wrote:
>>>> I am not in the ARIN region but I have attended few Arin meetings.
>>>> As a comment, I live a country were mobile roaming does not
>>>> exists,
>>>> therefore, when 2FA only works with SMS I can not use the service.
>>>> Having
>>>> said that, please consider at least one more way to perform 2FA,
>>>> maybe send
>>>> a code to the email address or something else.
>>> i use google authenticator with arin.net
>> There's also the RedHat supported app FreeOTP.
>
> There are lots of inexpensive hardware TOTP tokens as well.
>
> Personally when I have to 2fa where sms is not possible, I use a token2 molto-1.
>
> -Dan
More information about the NANOG
mailing list