Duo.com, the 2FA scheme Instagram and GitHub uses, and you can use on your own website, does not connect your phone to your account (in the knows your number, IMEI or location sense).
Passwords are not a shitty defense. The vast majority of password cracking is done by social engineering.
you are talking utter bollocks, the vast majority of password cracking is done via breaches
Podesta's emails were gathered by phishing
VK Data Breach: Russian social media site VK was hacked, exposing 93 million names, phone numbers, email addresses, and plain text passwords.
FriendFinder Network Breach: Attack vector Cracked password. Websites like Adult Friend Finder, Penthouse.com, Cams.com, iCams.com, and Stripshow.com were affected. Most of the passwords were protected only by the weak SHA-1 hashing algorithm, which meant that 99% of them had been cracked by the time LeakedSource.com published its analysis.
MySpace Data Breach: In June 2013, around 360 million MySpace accounts were compromised by a Russian hacker. The incident was not publicly disclosed until 2016.
LastPass Data Breach: Hackers compromised the laptop of a LastPass DevOps engineer to gain access to customer personal data, potentially impacting 30 million of LastPass’ users.
Plex Data Breach: Streaming platform Plex suffered a data breach impacting most of its users, approximately 20 million. The compromised information included usernames, email addresses, and passwords.
North Face Data Breach: Roughly 200,000 North Face accounts were compromised in a credential stuffing attack. These accounts included full names, purchase histories, billing addresses, shipping addresses, phone numbers, account holders' genders, and XPLR Pass reward records.
passwords a quite a shitty defence
Duo.com, the 2FA scheme Instagram and GitHub uses, and you can use on your own website, does not connect your phone to your account (in the knows your number, IMEI or location sense).
But you managed to shoehorn CBDC into it again
you are talking utter bollocks, the vast majority of password cracking is done via breaches
Podesta's emails were gathered by phishing
VK Data Breach: Russian social media site VK was hacked, exposing 93 million names, phone numbers, email addresses, and plain text passwords.
FriendFinder Network Breach: Attack vector Cracked password. Websites like Adult Friend Finder, Penthouse.com, Cams.com, iCams.com, and Stripshow.com were affected. Most of the passwords were protected only by the weak SHA-1 hashing algorithm, which meant that 99% of them had been cracked by the time LeakedSource.com published its analysis.
MySpace Data Breach: In June 2013, around 360 million MySpace accounts were compromised by a Russian hacker. The incident was not publicly disclosed until 2016.
LastPass Data Breach: Hackers compromised the laptop of a LastPass DevOps engineer to gain access to customer personal data, potentially impacting 30 million of LastPass’ users.
Plex Data Breach: Streaming platform Plex suffered a data breach impacting most of its users, approximately 20 million. The compromised information included usernames, email addresses, and passwords.
North Face Data Breach: Roughly 200,000 North Face accounts were compromised in a credential stuffing attack. These accounts included full names, purchase histories, billing addresses, shipping addresses, phone numbers, account holders' genders, and XPLR Pass reward records.