This is what I thought. I keep telling people they don’t exclusively own their passwords / security tokens once they give it to a site. Salted hashes to obscure the pw don’t even matter since the admin could also bypass that. Tanks for the validation.
ITT OP learns that 2FA is just a token stored on a server, and that server is in control by other people
This is what I thought. I keep telling people they don’t exclusively own their passwords / security tokens once they give it to a site. Salted hashes to obscure the pw don’t even matter since the admin could also bypass that. Tanks for the validation.
And you better pray the website owner (websites in general, not Lemmy specifically) at least hashes your password.
yes, the more layers of security, the better, even if it is just a futile matter of time to consume the time of an ATP.