With 2FA you have to have access to both authenticating devices. Putting both on one page defeats the purpose. The idea is that the chances are much less that a “bad guy” will have access to both the site and your phone (assuming of course they are not accessing the site on your phone). The reason anything greater than 2FA is rarely if ever used is end user convenience. Not many people have the ability or desire to authenticate on 3 different platforms and I have to imagine keeping 3 levels of authentication in sync would be more effort than it is worth for daily use
Latest Answers