I've been thinking about this. I think the only answer is to create junk identities. Not for anything nefarious. Just something that separates your real identity from throwaway sites. Like one just for social media, one for signing up for rewards programs and such business, and your precious real identity for banking. This way they can track you all they want but there's a firewall.

There's been talk in policy circles for requiring real identities to be tied to social media, and even for all internet traffic. I think that's one of the endgoals that the Russian "social media interference" is setting the stage for. You can see it in a lot of their arguments.

Agreed except for the part about net neutrality. Net neutrality puts the government in the driver's seat. What's needed is private options. Don't like some organization? You can choose another. But with the government in charge there are no other options. Everybody is the same.

Fuckin', thank you!

Don't like some organization? You can choose another

Except in cases where there's a monopoly, or otherwise a lack of options.

There's a strong argument to be made that municipal governments are to blame for the monopolies, or at least play a very large role.

Still a clear winner. Absolute versus possible. With the private sector there are sometimes monopolies (which are illegal by the way) or simply lack of good choices. But at least there are choices. With government regulations it's all the same no matter what. Multiple choices but all the same rules. So no real choice.

unintended effect, it links your online identity with your real identity on a device that can be/is tracked at any moment.

Agreed except for this, it is the intended effect.

The day Reddit implements this, will be the day I sign off (voluntarily - this time).

They've had it as an option for a while for mods I think, and are planning on rolling it out as an option for all users pretty soon if they haven't already.

They day they make it mandatory is the day they officially digg their own grave. The company is greedy and amoral, but I don't think they're that stupid.

https://www.engadget.com/2018/01/25/reddit-two-factor-authentication/

Reddit mobile app comes in mind; without using it, mobile web browser can be very slow to load reddit.

https://www.engadget.com/2018/01/25/reddit-two-factor-authentication/

Except 2fa with your phone number is one OF MANY forms of 2fa. You can use 2fa without linking a phone number or even a phone. If you're using your phone number, you're not doing it right, or securely.

So... Your premise kind of goes out the window when facts are exposed no?

An authentication app like lastpass, Google authentication or Microsoft authentication. Install it on your phone, scan the qr code, and when you login, inputted code you get.

Apple is also making Two Factor almost impossible to avoid at this point, if it matters any.

And this one, when you sign in with your account, it automatically makes your phone a trusted device, and having a trusted phone # is an important part of the process as well.

I do support calls for them.

Yubikey

Digital certs on yubikey. Some will do email two factor with a code, but it’s rare.

When you get on the Internet you are consenting to lose all privacy and law enforcement needs no warrants to track or trace you apparently. Ask the guy who ran silk road doing life in prison..that's what they said. On clear or dark web, vpn or not your still consenting to be tracked and data mined,pretty much. That's why he's still locked up. You don't actually consent but thier argument was "you know it can happen so it's the risk you take" so just know they can do whatever.

this is the one that keeps me awake at night... they have tricked us into not being a real flesh human. we are now paper or digital strawmen.

https://www.youtube.com/watch?v=ME7K6P7hlko&t=5s

I'm absolutely certain 'security' is kind of bullshit. Governments just want to track peoples online behavior and connect phone/desktop usage seemlessly. The fuckers.

Two-Factor Authentication can be online and also offline.

Online: uses phone, SMS, calling, email, etc. Anything that needs to be connected.

Offline: uses an algorithm. You may see QR codes, or something to copy and paste. Backup codes is also included as an offline method.

Services that provide offline 2FA, but not limited to:

• Apple
• Google
• Microsoft
• Facebook
• Instagram
• Tumblr
• Twitter
• Bit.ly
• Probably all cryptocurrency services (CoinBase, CoinJar, BTCMarkets)

There’s are hardware ways, too. Such as yubikey with digital certs.

If you can use a 2fa app that doesnt require your phone number whats the problem? SMS 2fa is easily intercepted anyway.

There's a strong argument to be made that municipal governments are to blame for the monopolies, or at least play a very large role.

Still a clear winner. Absolute versus possible. With the private sector there are sometimes monopolies (which are illegal by the way) or simply lack of good choices. But at least there are choices. With government regulations it's all the same no matter what. Multiple choices but all the same rules. So no real choice.