I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
-
But the question is:
-
''Which type of 2FA to use ?''
+
+
+
+
+
+
But the question is: ''Which type of 2FA to use ?''
* USB U2F device ? (= less used than authenticator, but also free)
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like both Google or Microsoft does).
+
+
+
+
So 2 solutions are possible :
# iFixit could implement 2FA
# iFixit could rely on external oauth providers like today
+
+
For solution 1, see existing 2FA types above.
-
For solution 2, this could be great to add a feature like "Link account to Google" or "Link account to Facebook".
+
For solution 2, this could be great to add the following features :
+
+
* "Link account to Google"
+
* "Link account to Facebook".
+
* "Unlink from Google"
+
* "Unlink from Facebook"
+
+
+
Actually, when an iFixit account is linked to Google or Facebook, only these providers can be used to authenticate to iFixit and login + password combinations are disabled, so solution 2 can be considered.
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
* USB U2F device ? (= less used than authenticator, but also free)
-
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like all Google or Microsoft does).
+
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like both Google or Microsoft does).
So 2 solutions are possible :
# iFixit could implement 2FA
# iFixit could rely on external oauth providers like today
For solution 1, see existing 2FA types above.
For solution 2, this could be great to add a feature like "Link account to Google" or "Link account to Facebook".
Actually, when an iFixit account is linked to Google or Facebook, only these providers can be used to authenticate to iFixit and login + password combinations are disabled, so solution 2 can be considered.
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
* USB U2F device ? (= less used than authenticator, but also free)
+
* USB U2F device ? (= less used than authenticator, but also free)
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like all Google or Microsoft does).
So 2 solutions are possible :
# iFixit could implement 2FA
# iFixit could rely on external oauth providers like today
For solution 1, see existing 2FA types above.
For solution 2, this could be great to add a feature like "Link account to Google" or "Link account to Facebook".
Actually, when an iFixit account is linked to Google or Facebook, only these providers can be used to authenticate to iFixit and login + password combinations are disabled, so solution 2 can be considered.
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
* USB U2F device ? (= less used than authenticator, but also free)
-
-
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like all Google or Microsoft does).
-
-
So 2 solutions are possible :
# iFixit could implement 2FA
# iFixit could rely on external oauth providers like today
-
-
For solution 1, see existing 2FA types above.
For solution 2, this could be great to add a feature like "Link account to Google" or "Link account to Facebook".
Actually, when an iFixit account is linked to Google or Facebook, only these providers can be used to authenticate to iFixit and login + password combinations are disabled, so solution 2 can be considered.
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
- USB U2F device ? (= less used than authenticator, but also free)
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like all Google or Microsoft does).
-
-
So 2 solutions are possible :
# iFixit could implement 2FA
# iFixit could rely on external oauth providers like today
For solution 1, see existing 2FA types above.
For solution 2, this could be great to add a feature like "Link account to Google" or "Link account to Facebook".
-
-
Actually, when an iFixit account is linked to Google or Facebook, only these providers can be used to authenticate to iFixit and login + password combinations are disabled, so solution 2 can be considered.
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
- USB U2F device ? (= less used than authenticator, but also free)
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like all Google or Microsoft does).
+
+
+
+
+
+
So 2 solutions are possible :
+
+
# iFixit could implement 2FA
+
# iFixit could rely on external oauth providers like today
+
+
+
For solution 1, see existing 2FA types above.
+
+
For solution 2, this could be great to add a feature like "Link account to Google" or "Link account to Facebook".
+
+
+
+
Actually, when an iFixit account is linked to Google or Facebook, only these providers can be used to authenticate to iFixit and login + password combinations are disabled, so solution 2 can be considered.
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these providers, but for users that use an iFixit account without an authentication provider this could be great.
+
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these oauth providers, but for users that use an iFixit account without an oauth provider this could be great.
This could be great !
I use 2FA on every site where it's available. Today, I use an authentication provider (from one available on iFixit), so 2FA should be already handled by these providers, but for users that use an iFixit account without an authentication provider this could be great.
But the question is:
''Which type of 2FA to use ?''
These ones are common :
- SMS ? (this means additionnal costs for iFixit)
- Authenticator APP (OTP) ? (very common, free and easy-to-use implementations)
- USB U2F device ? (= less used than authenticator, but also free)
Note : authenticator apps are common on a lot of sites and some also support USB U2F devices (like all Google or Microsoft does).
