Especially for personal accounts.
I get why a corporation would require it for employees…
But I hate it when Apple, Samsung, etc. are forcing you to have 2fa, especially by requiring a phone number.
Side note: Bitwarden will be requiring email verification codes starting in February 2025, for those who haven’t enabled 2fa yet (see my post in YSK). Most people store their email credentials in their password vault… so a lot of people are gonna get locked out of their Bitwarden vaults. I kinda hate it, especially on such short notice (less than 10 days).
I think it’s absolutely wild how archaic some systems are. And the worst offenders are those regulated by financial and medical industry laws. I have an account with one financial account that is protected only by a password that is 12 characters max with special characters limited to just a few. I don’t know how they haven’t been breached and then sued into oblivion.
I’m fine with companies enforcing 2FA. Bitwarden is addressing the current weakest link in the chain: users.
Most of those banks just… pay the damages