It’s Time To Rethink Computing Resource Usage That’s Causing 2FA Overload
Back in the day when the internet was created, the only people who used it were of good character and sound mind. So they just left all the doors and windows open, the lights on, food on the stove, and their cars running 24/7/365.
Today that’s absurd. More and more stuff is getting locked-down or disabled entirely because of that approach. It’s ill-suited for today’s needs. Most web hosting platforms seem to have more things disabled “for security reasons” than not. That’s a sad thing, because a lot of these features are quite useful.
We need to take a different approach with these things. If you need something, turn it on, use it, then turn it off. Just like most other things in life these days, right?
Honestly, I’m getting pretty fed up with the belief that things need to be available 24/7 when I only need them for 15 minutes a day or so. As a result, we’re getting inundated with all of these different security measures like 2FA (2-factor authentication) that IMHO make 24/7 availability quite a nuisance.
Instead of scheduling something, we get 24/7 access but have to deal with a text or call or email confirming we really requested it. WTF? What’s next? Elevators? Water fountains? Every time we make a charge with a charge card?
Why not provide a mechanism on servers that lets someone enable different features at a specific time, or right now, for a given length of time, then it shuts them off. Send out a 2FA thing to verify the schedule if desired.
I mean … think about how much stuff is totally disabled on most web hosts just because there’s this assumption that this is the only option to having it turned on 24/7/365.
Consider this … back in the early days of the internet, email services were all polled via a dial-up phone line connected to a modem. You signed up with a server and they’d poll your machine periodically to see if you had any outgoing mail; before they hung-up they’d deliver incoming mail to you.
Maybe it’s time to go back to that model given how SMTP relays seem to be what most hackers are after. I don’t need 24/7 access to outgoing email. Fifteen-minute polling would be fine for the vast majority of things. In fact, while I know most folks set their email clients up to poll every few minutes, I don’t. I manually click my read-mail button and that’s the only time it reads mail. In most cases, I wouldn’t care if outgoing mail was queued up and didn’t go out except when a mail server polled me. Most of it is just not that high of a priority to warrant 24/7/365 access to an SMTP host.
We need to rethink these things if every damn thing is going to end up being gated by a 2FA contact anyway.
What prompted me to think about this is that I’m looking for a way to copy some files from one of my WHM-managed hosting accounts to another one. They’re literally all on the same machine, and they’re all registered to ME. All the domains, all of the accounts, they’re ALL MINE. However, I’m told that “for security reasons” there’s no easy way to copy files from one cPanel hosting account to another. I have to download them from the first account to my local machine, the upload them to the other account.
Because of this stupid all-or-nothing approach to security, it’s impossible to do this more simply! Never mind that there are a few different ways it could be done, they’re all disabled “for security reasons”. It’s like living in a damn bomb shelter.
I should be able to say, “Turn on this feature for 10 minutes”, do what I need to do, then shut it off or let it shut off itself.
At work, we have security stuff up the wazoo. We also use Microsoft’s platforms for everything. Including what was once supposed to be this nifty thing called “Single Sign-On”. Only now Microsoft has decided that SSO is “too insecure” so now we have to deal with 2FA prompts and entering our password every few days. It’s worse than before SSO was invented.
This is getting out of hand, and we — the computing industry — need to do something about it.
What do you think?
