Another State Lawmaker Wants To Criminalize Porn Through Age Verification::Here we go again, everyone. Another far-right state lawmaker has introduced a bill requiring age verification in order to access porn sites from within state limits. This time it is Tennessee state Rep. Patsy Hazlewood who introduced yet another extreme age verification proposal that essentially makes it a crime to own a legally operating porn…

      • ItsGhost@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        11 months ago

        Aside from SMS/email, which should be avoided anyway for other reasons, or proprietary solutions like MS’ or Steams approach, there is nothing to be gained from TOTP or WebAuthN.

        TOTP (the 6 digit code that changed every 30 seconds, usually) is just a hash of a shared secret between you and the server, and the current time rounded to the nearest 30 seconds.

        WebAuthN/FIDO2/U2F is private by design. Keys/authenticators derive a unique key for every credential pair, you can even register the same key multiple times because of this. About the only thing you gain is knowing what type of authenticator is being used, which is of questionable value at best.

        • Spendrill@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          11 months ago

          Thank you for this, I learned something today.

          I wasn’t rubbishing 2FA I was saying that in order to use it you usually need to use a mobile phone and it’s the phone that I regard as being a security risk for any number of reasons.

          • ItsGhost@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            Ah I see, and you’re most welcome. 2FA is something I am very passionate about, to the point I’m trying to convince my whole family to use security keys, but I come up against a lot of resistance to it