That is a great idea! I am 100% in favor of helping the users understand the security tradeoffs between the 2FA methods.
We definitely have it on the roadmap to update 2FA Notifier to include more educational content. Thanks for the feedback!
I am currently writing a series on 2FA on my site All Things Auth [1] that gets into the details explaining how each method works and exploring the security and usability tradeoffs of each. I want to put together a summary and/or infographic highlighting the main takeaways and hopefully like to something like that from 2FA Notifier.
Currently, we use the data from twofactorauth.org [2] as our main data feed. I definitely encourage you to check out their community on GitHub and propose your idea there too!
Thanks for the positive feedback! There are 2 main articles in the 2FA series left to write (Push 2FA and U2F/WebAuthN), but there are a ton of other posts I have bouncing around in my head. Join the email list if you're interested in getting updates!
I'll definitely give your post a read too!
Have you found it effective publishing on Medium vs your own blog? I've been considering cross posting my articles for additional exposure. Curious to hear your thoughts.
Medium infinitely, Linkedin is also gaining popularity if you want/need to boost your network.
Feel free to write me via email if you’d like to talk
more, but between hn and hackernoon, with medium any of my posts gets at least a thousand reads. This one is currently at 4.6k views/1.9k reads. There’s no way I’d get this reach with my own blog.
(I'm the other half of this team. I tackle the UX/UI parts)
@encyclic, i'm curious about how you typically approach enabling 2FA.
- How do you typically choose which services to enable 2FA for?
- What do you do now if a service doesn't have 2FA OR doesn't have the type of 2FA appropriate for your situation?
As Conorgil145 mentioned, we have this on our roadmap and have some ideas about how to approach this. But understanding how you approach things now will definitely help us to craft a more effective solution.
We definitely have it on the roadmap to update 2FA Notifier to include more educational content. Thanks for the feedback!
I am currently writing a series on 2FA on my site All Things Auth [1] that gets into the details explaining how each method works and exploring the security and usability tradeoffs of each. I want to put together a summary and/or infographic highlighting the main takeaways and hopefully like to something like that from 2FA Notifier.
Currently, we use the data from twofactorauth.org [2] as our main data feed. I definitely encourage you to check out their community on GitHub and propose your idea there too!
[1] https://www.allthingsauth.com/tag/2fa/
[2] https://github.com/2factorauth/twofactorauth