23andMe tells victims it's their fault that their data was breached | TechCrunch - eviltoast

Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.

  • capital@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    5
    ·
    edit-2
    10 months ago

    Fuck mandatory 2FA. Most sites just throw SMS on there and leave it at that. I’m so tired of putting yet more of my information into services that don’t require it to utilize the service.

    If TOTP was more prevalent (getting there) I might agree but then we’d be talking about how the typical user doesn’t know how to set that up.

    • sudneo@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      Companies pay SMS, TOTP is free for them (just a computation…). It is utterly dumb to implement the same logic with a paid service rather than TOTP (or security keys, at this point). So yeah, I agree with the idea, but I think nowadays most 2fa is TOTPs (sadly, some require their shitty apps to do just that - Blizzard once was one of them, maybe still is).

      • capital@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        It’s a thinly veiled method to gather more info from users when SMS is the only option.