zlacker

[return to "Do not download the app, use the website"]
1. wouldb+Ha[view] [source] 2025-07-25 23:27:34
>>foxfir+(OP)
I understand but it’s not always with bad intentions.

In the Netherlands we have a system called DigiD to login into to most government websites like your taxes and city, etc.

When I contracted for the city of Amsterdam I learned they’ve been pushing hard for the DigiD app to two factor authenticate instead of text message, because of contracts Digid charges a lot per text message validation and none for app.

◧◩
2. nehal3+5d[view] [source] 2025-07-25 23:48:13
>>wouldb+Ha
True, but it does force citizens into a contract with either Apple or Google. I don’t think that is a good idea both from the perspective of individual freedom and national sovereignty.
◧◩◪
3. Beijin+ld[view] [source] 2025-07-25 23:50:20
>>nehal3+5d
Nothing beats a hardware token.

I would also use Yubikey for banking, but I am scared as f. what happens if I lose it while traveling abroad.

◧◩◪◨
4. Wilder+8H[view] [source] 2025-07-26 05:58:25
>>Beijin+ld
I wish that was an option, in most cases the phone becomes the hardware token, and that can be lost too. Or broken, or out of power or without internet connection.

I even have a personal anecdote. My wife "lost" her phone in Iceland. I make her login to find-my-phone with her google account, and 2fa was needed. Thankfully she had her Yubikey in her keychain (plus, we enrolled each other's key), so she was able to login. Push notification or TOTP/SMS were all not an option.

[go to top]