this post was submitted on 16 Jul 2025
32 points (76.7% liked)

Unpopular Opinion

7687 readers
54 users here now

Welcome to the Unpopular Opinion community!

How voting works:

Vote the opposite of the norm.

If you agree that the opinion is unpopular give it an arrow up. If it's something that's widely accepted, give it an arrow down.

Guidelines:

Tag your post, if possible (not required)

  • If your post is a "General" unpopular opinion, start the subject with [GENERAL].
  • If it is a Lemmy-specific unpopular opinion, start it with [LEMMY].

Rules:

1. NO POLITICS

Politics is everywhere. Let's make this about [general] and [lemmy] - specific topics, and keep politics out of it.

2. Be civil.

Disagreements happen, but that doesn’t provide the right to personally attack others. No racism/sexism/bigotry. Please also refrain from gatekeeping others' opinions.

3. No bots, spam or self-promotion.

Only approved bots, which follow the guidelines for bots set by the instance, are allowed.

4. Shitposts and memes are allowed but...

Only until they prove to be a problem. They can and will be removed at moderator discretion.

5. No trolling.

This shouldn't need an explanation. If your post or comment is made just to get a rise with no real value, it will be removed. You do this too often, you will get a vacation to touch grass, away from this community for 1 or more days. Repeat offenses will result in a perma-ban.

6. Defend your opinion

This is a bit of a mix of rules 4 and 5 to help foster higher quality posts. You are expected to defend your unpopular opinion in the post body. We don't expect a whole manifesto (please, no manifestos), but you should at least provide some details as to why you hold the position you do.

Instance-wide rules always apply. https://legal.lemmy.world/tos/

founded 2 years ago
MODERATORS
Rooki@lemmy.world
JonsJava@lemmy.world
lemann@lemmy.world
ptz@dubvee.org
technopagan@lemmy.world
32
We don't need both passwords and Email/Phone verification. (lemmy.world)
submitted 3 days ago by Sackeshi@lemmy.world to c/unpopularopinion@lemmy.world
18 comments fedilink hide all child comments
 

Either make me create a password and then let me into my account or let me use my phone number/email to verify. It's becoming too much to get into every day stuff. If I have biometrics on there is zero reason for anything else.

Basically the current security system is overdoing it. I suggest getting rid of passwords all together OR only requiring one or the other. Like it I forget my password or I forget my phone I can use the other but JFC its a hassle.

you are viewing a single comment's thread
view the rest of the comments
[–] hig13@lemmy.world 4 points 2 days ago

Honestly, I think not having MFA required for any account anywhere ever is bad practice. As others have mentioned MFA is something you know, something you own, something that's you, and somewhere you are. Password or pin, phone or digital key, biometric like a fingerprint or face, geolocation or IP address. Having more than one of these things makes getting into your account harder. If you only need a password, then that's all someone needs to figure out to get into your account, same with all the other examples. I feel like it's pretty straight forward, but I tried my best to explain why we do need both...

If you run a server with thousands of users interacting with each other and someone gains access to all their accounts, what's the harm? I don't care if someone gets access to what I have access to through the account on x website, so it doesn't matter right? Well what if real user accounts were used as bots to push propaganda or silence a competitor, damaging the community you're hosting on your server, or posting bad reviews on products, etc. you lose trust in that community or website.

Idk, to me, there is a bigger picture that requiring secure accounts produces, and I think it helps me have more trust in the website I'm joining and want to be part of. It's just about helping ensure genuine interactions, it'd be nice if it was guaranteed, but it at least helps me feel assured.

tldr; MFA is important for securing the things inside of an account, but it's also important for creating confidence and trust in who or what you're interacting with on a website.