Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Forum Discussion
Deselect "trust this computer" and "keep me signed in"
I have 2FA with 1P as an authenticator implemented on many websites. Some (most?) websites offer the option to "trust this computer." Often it is checked by default. Sometimes I accidentally check it. It seems that then the next time I log in the 2FA is ignored. I would rather have 2FA required, and not ignored, since 1P makes it easy to log in with the one-time password. That way if someone has access to my device they would have to get access to 1P in order to log in. It also gives me comfort to see 1P filling in the digits for the one-time password. Some websites make it relatively easy, though with a lot of clicks, to untrust computers to remedy this bypass. Some websites make it very obscure and difficult to try to untrust computers.
I would PREFER that 1P give me the option in settings to have the default be either check or uncheck "trust this computer," and it would make the appropriate change on the website form. If I then want to check "trust this computer" for a particular website, 1P could explain that this means that 2FA is ignored and confirm that I really do want to check it.
Similarly, I usually prefer to sign or log out of a website rather than stay signed in so someone with access to my device has to sign in and can't simply go to the website without signing in. Since 1P makes signing in easy, I don't mind having to sign in when I go to a website.
I would PREFER that 1P give me the option in settings to have the default be either check or uncheck "keep me signed in," and it would make the appropriate change on the website form. If I then want to check "keep me signed in" for a particular website, 1P could explain that this means that username and password are ignored and confirm that I really do want to check it.
Maybe there's a better way to implement this. The point is I don't want to keep signed in and without 2FA as a result of default or inadvertence. These seem to be means to bypass security otherwise provided by 1P. While convenient, they are too lax for me. Thanks.
No RepliesBe the first to reply
