Randomly, some websites seem to have a lot of fun breaking password managers. One inconvenience is sites now often asking for user name and password separately.
Another inconvenience is sites that use six-digit emailed codes instead of passwords. Which is just massively inconvenient because not only do I need to have an email program at the computer I am at, I also need to switch back and forth and copy-paste stuff.
Is there any password manager that works with those? Is there a way to get these codes working with Bitwarden even?
I’m fighting with my bank on the 2fa issue right now. They demand we use sms and turn notifications for the bank on in our phones…like no, I won’t grant you this access to my phone. I refuse solicitations in any form
Also SMS is extremely insecure, and relatively easy to spoof/steal.
I have ‘passwords’ should anyone try to request sim swapping, like you can’t port my number without authorization, apparently. But I’m still skeptical. I doubt anything would ever happen but I’d rather be safe then sorry.
that would be an immediate account closure from me
There’s not really any other options. The other options offer no real in person accountability and I don’t like that.
Where this comes from is not about inconveniencing you. It’s becase the site you are visiting doesn’t want to store your password. It’s called zero trust architecture and unfortunately the way it’s setup they can’t give you a code into your password manager becase it’s not like 2fa it’s a session specific not time specific. So they have to send you their code when you start the session.
This. It is inconvenient, but it does help with the issue that systems constantly get compromised and credentials stolen.
I wish companies would support more user friendly technology like ubikey or similar instead…
Hahaha dear l*rd. Switching back from Linux to Windows made my Yubikey such a pita. Instead of just tapping it to log in, I now need three clicks and type a four-character PIN that Windows forced upon me.
It’s cause windows wants to take a picture of you to login for … Reasons
In theory, it’s not impossible to have IMAP in a browser add-on. So why is there not some kind add-on to suss out the codes from these mails and make them pasteable…? This could include integration with throwaway mail accounts too, so I wouldn’t get this PIN code spam in my main mail account.
Yeah that’s a good idea right now I used a catch all on my domain for those logins so it’s already separated out. I don’t knowing how I feel about getting my mail account to bitwarden if I didn’t do that. The other issue you run into is there no standard for those email messages. So the plugin would need to process the message to find the code.
