Yes. As I learned as a young kid, you can pop off the individual cubes with a screwdriver and reassemble in a solved state. I consider this method “brute force”.
Related only tangentially. Doctor recommended a vitamin D supplement. Couple years later after terrible acid reflux, I eliminate prescribed medication X which solves 80% of reflux symptoms and pain. After self testing the remaining 20% of symptoms were caused by the vitamin D gummy supplement, tomatoes, and onions.
So yeah vitamin d might help on one hand, but cause it’s own issues in different areas.
No more vitamins for me. Better to eat well and get the occasional bit of Sun.
Japan relied on near universal masking (voluntary too, no mandate) and high vaccine take up. Current approved pharmaceuticals are remdesivir etc. refer:
You're creating a strawman. I only said that our government has demonized self applied therapeutics and pushed vaccines only. There is no scientific reason to demonize therapeutics the way the institutions in the US have done. And what about the censorship? How can open debate happen when qualified individuals are shut down? It's all very anti-science and anti-democratic.
Unless you truly want to uphold the property "the something I have is not the something that stores my passwords" (you likely don't), your two factor codes should be in your password manager. Period. A good password manager has a strong user/device PKI backed by an offline key and will only be accessible on devices you've bootstrapped, so it's isomorphic to "something I have" at least and usually exactly equal to "somethings I have". And if you are a security nut trying to uphold that property and telling people it's bad to put your TOTP urls in your password manager... you better not have an authenticator app installed on the same device as your password manager or you've thrown that property out the window. Not saying it's never appropriate to have a true second factor. Just that it's not appropriate for 99% of consumer use cases and the security setup and structure afforded by password managers is more than sufficient to have good account hygiene. It would be a better world if everyone used a password manager and stored their totp codes in it than everyone has a hodgepodge of authentication apps that aren't reliable and break and cause services to implement manual verification backdoor loopholes into their auth anyway etc. etc. TOTP 2FA defends against weak passwords. A password manager enables strong passwords largely making TOTP irrelevant. Unfortunately not everyone uses a password manager and thus services are compelled to add TOTP 2FA because what other choice do they have?
yeah, the only reason that i didn't get burned like the person above my original quote is that i got lucky. i had figured out that i could have two tokens running at the same time (one token for service A in Google Authenticator, second token for service A in 1Password). But I realized when I lost all Google Authenticator tokens one time, that I was this close || to a disaster. I had only recently also set up 1pw.
The most ideal set up would be to have a universally Yubikey or something equivalent. Preferrably with a backup pre-configured second Yukibey possible in a disaster recovery bugout kit. Then have all the initial QR codes, otp secret manual otp key strings like i demonstrated above your post, account recovery keys, backup break-in codes, or whatever other flavor of two-factor recovery a service uses, all this notated in a secured password manager. The real problem i see with two factor is that the offered recovery method is so variable from service to service. it makes knowing which information you need to have on hand when you've gotten locked out is problematic.
the other thing i do is that for core cloud service providers, i print out the password manager details for the accounts. this is apple, cloud backup service, google, microsoft and a couple of hardware device passwords. it's a risk to have this printed, but the print out is in a fireproof safe with a trusted party.
i basically assume my disaster recovery plan is that i have my wallet and the clothes on my back and nothing else. everything else gone including my computers and phones and i have to get back all services and data without having any devices.
the higher the level of security, the higher level of disaster preparedness the end user needs to practice.
I've emailed my elderly parents to make sure they understand that this mandatory 2fa roll out is happening, and I've explained how they could fuck up their accounts by not notating the recovery method. offered to review their details to make sure it passes a sniff test.
Gen X never had the numbers to do anything substantial. Millenial's population total crossed the Boomers in 2019. Gen X will not do the same until 2028. From 2019 forward, governmental power will be exercised by Millenials. Gen X will never have an era of ascendancy, our lot is to simply figure out how to be satisfied where ever we find ourselves.
duuuuuuuuude do you have any idea how labor intensive care for ICU patients is? ICU patients can't move. Requires staff to turn them so they don't get bed sores and to prone them stomach down for lung function.
If the ICU patient can't breathe on a vent and are able to secure ECMO, the ECMO specialist ratio is ideally 1:1. Under a crush of patients maybe 1:2 patients. A 1:3 ratio is risking all the patients under that specialist's care because the patients are all too tenuous. Let me reiterate and restate: 3 ECMO patients are too much for a single ES to support.
The ECMO specialist isn't the only person caring for the patient. There is the ICU nursing staff, the pulmonary therapist, plus the actual pulmonary doctors, the renal doctors, plus plus plus. You are talking decades if not a hundred+ years of study just to take care of a single ICU patient.
