Wow, two-factor authentication on websites without SMS is sure easy these days:
Why did I wait so long to do this? It's e-e-e-easy!
@Sylphox Isn't it pointless to store both the passwords and the tokens in the same wallet? That can hardly be called a two-factor authentication, since there's just one factor (the wallet) that happens to produce multiple secrets.
The only attack that I can think of that this approach would stop is someone stealing the site's password, e.g. from the clipboard. All other attacks are still just as easy as without 2FA.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!