Enable truly secure 2FA With OATH TOTP

Please enable 2-Factor Authentication using OATH TOTP (Google Authenticator, Authy, Yubikey, Microsoft Authenticator, Free OTP, Lastpass, etc., etc., etc.).

Sending codes via email and SMS is highly insecure, particularly for a company that is supposed to be focused on security solutions.

Time based one-time passwords are the defacto standard, but Ring is still using 2FA techniques that were obsolete a decade ago.

I would rather have no 2FA and know that I have to be vigilant about changing passwords than use this easily compromised and terribly inconvenient system you are currently mandating.

5 Likes

Want to endorse this. 2FA has been shown to have flaws, including getting a phone company to change the phone number. Authenticator apps require physically having your phone.

Google authenticator and MSFT authenticator work the same and it is more secure and easier to deal with. When I try to log into an account that needs it, I get a prompt on my phone and say ok.

1 Like