The same argument goes for not letting me pick my own username. I like to make my username just as complex as my password. What I use to log in and what I use to interact with a site can be different.
2FA(2 factor authentication) needs a wider adoption level as well. APIs like Authy make it very easy and very cheap to give your users an added level of security.
While I'm on a security rant, websites that have me log in with my social security number... NO. Just NO. STAHP.
The same argument goes for not letting me pick my own username. I like to make my username just as complex as my password. What I use to log in and what I use to interact with a site can be different.
2FA(2 factor authentication) needs a wider adoption level as well. APIs like Authy make it very easy and very cheap to give your users an added level of security.
While I'm on a security rant, websites that have me log in with my social security number... NO. Just NO. STAHP.
What kind of site does that?
I've seen it on sites for health care benefits and life insurance/retirement.