Quote:
Originally Posted by hadaso
The problem is that there are two separate functionalities here that are tied together:
|
Bingo.
I would add, along these lines: I have an authenticator app registered for 2FA purposes that I use for the relatively rare times when I access from my phone using the FM app. However this 2FA method is always offered to me even when I'm logging in from a normal PC browser (it has been like that a long time, this is not part of the recent change). I would rather have them separated - having browser login limited only to hardware tokens, and the auth app used only for phone login. I realize this might bite me hard some day, when I really, really need to get into my email and don't have a token
or my phone, but I'm a bit of a risk taker about such things
, and like the idea of stricter security. It would be nice if we had a more granular ability to configure such things.