[FRIAM] MultiFactorAuthentication--YIKES!

[Steve Smith]

Nick, my fellow Luddite -

I have resisted tech in many domains, mostly for the *social* changes
they implied or portended that I didn't like.  I'm glad, for example,
that you are not walking around Santa Fe with your face in your phone. 
Not a good look on anyone, but downright dangerous for those of us who
might not have the multiple attendance to notice we are doing something
dumb, nor the agility to rescue ourselves (or others) when it goes wrong.  

I am on my *second* smart phone with a fingerprint reader.  The first
one (print reader) I ignored entirely.  It is my normal nature to leave
my devices (and networks and doors) unlocked, but since many systems are
all but enforcing that things be PIN or Password protected and now MFA
is becoming common if not widespead in enforcement, I have given over.

My smart phone unlocks just by placing my fingerprint on the back, no
more pretending that nobody else hasn't shoulder surfed my PIN.   And as
MFA is becoming more pervasive, *some* of those (integrated with Google
at least) ask nothing more of me than to finger my phone as my
second-factor.   This combines "what you are" (fingerprint) and "what
you have"(phone) on top of the pre-existing "what you have"(computer)
and "what you know" (the password you entered on your computer).  When
one or the other is not available or offline, I can still enter an extra
password/pin as-needed, but that is rare and they talk me through it
every time as if they were a patient nephew who really wants me to succeed.

I still don't try to read my e-mail or even news feed on my TS (tiny
screen) like many do, but I *do* find it incredibly convenient that I
*can* check this, that, or the other when I'm away from my laptop (I
used to haul it in my backpack with me everywhere).  

- Steve

On 4/6/21 11:35 AM, uǝlƃ ↙↙↙ wrote:
> Maybe this will help?
>
> https://www.howtogeek.com/129014/how-to-use-google-authenticator-and-other-two-factor-authentication-apps-without-a-smartphone/
>
> On 4/6/21 10:27 AM, Steve Smith wrote:
>>
>>> Hi, All, I apologize for this blast.  Clark University (through which I get a lot of my mail) is moving to MFA and seems to insist that I have a smart phone to activate it.  Please use the google address if you want to email me.  Don’t forget the “2”.
>>>
>> Nick -
>>
>> Are you sure it requires a Smart phone?  Most of the 2 factor systems I have to deal with only need to send me a code via SMS (txt).   Does this mean you don't even have a mobile that receives txt messages?  Maybe Clark's instructions are not as crisp on that point as they could be?   Or do they actually use an *App* to facilitate the MFA?
>