Philosofikal wrote:
They hack your account and then what? Steal all your pp and osu!coins? What could anyone possibly have to gain by hacking your account?
2FA is something that should be reserved for things that actually need protection, like a Google, Facebook, or bank account.
----------------
Several people already made drama over this issue in reddit, calling out support + peppy himself for how they got nothing (afaik there was a guy who constantly complained for over 2 months before he got unbanned). As far as I remember, all cases was handled by Emphemeralis and this people got unbanned. Maybe support situation right now got better but you never know.
As it goes for PC - as far as you use Windows/IOS (especially IOS) it isn't hard to get access to your pc IF you don't use dedicated firewall/active malware scanner. Windows defender is worth jack shit and it is proven in every DEFCON Conference that person with enough knowledge and tools (which are open for everyone in internet) needs up to 10 min to get full access to your PC with basic security.
2FA is not only for "valuable" things but services which contain one or more information which may cause trouble to you. If service require your e-mail / real name / etc - it should have 2FA for security reasons.
Tbh if you use 2FA on your actual e-mail in term of confirming logging, not just recovering - email auth should be enough but I still don't trust it (yeah, I have trust issues).