No federal privacy law? After the 23andMe hack, it's time to take action (technical.ly)
Posted by rottenwheel [M] to privacy · English · 2 years ago · 4 comments · cross-posted to: [email protected]

Lmaydev@programming.dev · English · 2 years ago
The problem here was people reusing passwords. You really aren’t going to stop people doing that. But it could have been easily prevented by forcing multi-factor authentication. I think that should be the minimum required by any company holding personal information.

Blake · English · 2 years ago (edited)
2fa is a pain in the ass - especially for opsec if they require a mobile number or similar. the onus is fully on the account holder to set and remember a password (a la private keys - you do use monero right?) though having your genetic code hacked is pretty 2023 vibes