Ask HN: Why do some services allow you to routinely bypass 2FA
2 comments
My hosting provider used to let me bypass 2FA because they "fingerprinted" my browser (whatever that means). Thankfully they've dropped that insane idea and now force 2FA every login.
So why present the 2FA prompt at all if I can simply choose to not use it? Maybe I have that option because I'm accessing from a registered browser. Whatever the case, it's a redundant prompt.
I've seen this pattern on other online services, for example Wise.com