rottenwheelM to privacyEnglish · 1 year agoNo federal privacy law? After the 23andMe hack, it's time to take actiontechnical.lyexternal-linkmessage-square4fedilinkarrow-up144arrow-down10cross-posted to: [email protected]
arrow-up144arrow-down1external-linkNo federal privacy law? After the 23andMe hack, it's time to take actiontechnical.lyrottenwheelM to privacyEnglish · 1 year agomessage-square4fedilinkcross-posted to: [email protected]
minus-squareLmaydev@programming.devlinkfedilinkEnglisharrow-up5arrow-down1·1 year agoThe problem here was people reusing passwords. You really aren’t going to stop people doing that. But it could have been easily prevented by forcing multi factor authentication. I think that should be the minimum required by any company holding personal information.
minus-squareBlakelinkfedilinkEnglisharrow-up6·edit-21 year ago2fa is a pain in the ass - especially for opsec if they require a mobile number or similar. the onus is fully on the account holder to set and remember a password (a la private keys - you do use monero right?) though having your genetic code hacked is pretty 2023 vibes
The problem here was people reusing passwords.
You really aren’t going to stop people doing that.
But it could have been easily prevented by forcing multi factor authentication.
I think that should be the minimum required by any company holding personal information.
2fa is a pain in the ass - especially for opsec if they require a mobile number or similar.
the onus is fully on the account holder to set and remember a password (a la private keys - you do use monero right?)
though having your genetic code hacked is pretty 2023 vibes