Rob Pegoraro's post | Latest updates on Sulia
What about two-step verification bugs you so much: waiting for an SMS, having to run an extra app, something else?
I wrote a post yesterday (http://www.project-disco.org/competition/032913-social-media-trend-to-watch-security-that-doesnt-have-to-suck/) lauding the emerging competition between consumer sites to make two-step verification--where you enter a one-time code as well as a password--more palatable to users. I've since been dismayed by how many readers reported giving up on the concept.
I've had this option active in my Gmail account since September, and I don't mind it. I've actually been surprised by how rarely I have to run the Authenticator app to get a login code; when I do, it doesn't feel like a serious imposition.
So what am I missing? Is it having to wait for text to show up, the primary method in other two-step implementations? Do you have to enter a code too often? Does the system lock you out wrongly?