How to prevent two-factor authentication for certain sites?

[hmlea]

I have been trying to set up my user.js to remove cookies and logout accounts on shutdown. The idea is that I want to prevent accounts that I use all the time from requiring two-factor authentication every time I log in. I have tried everything I can think of. Currently I allow site cookies by setting privacy.clearOnShutdown.cookies and privacy.clearOnShutdown.offlineApps to true then setting exceptions by allowing cookies in the menu opened by Cmd+I. This prevents me from requiring 2FA each time I open Firefox but also keeps me logged in on my accounts. Is there anyway to log my accounts out on close but also not require 2FA each time I log in?

I have tried other methods such such as the one described in #1278 and setting signon.rememberSignons to true but can't seem to get anything to work.

I am using Firefox 111.0.1 on an M2 MacBook running macOS 13.3.1.

[rusty-snake]

That's not possible!

If that works w/o arkenfox, you should blame the site (after reaching out to their CISO) for providing insecure 2FA. The entire idea of 2FA is to always have two factors and not one password.

Generally you should setup 2FA for all your accounts.

Edit: Or do you talk about RBA? RFP can be a cause for a high risk score, try to disable it (or use 2FA).

[hmlea]

I am talking about 2FA, but may have a misconception on how it works. Before I switched to Firefox, on some accounts with 2FA (like Google, for example), I would only have to use 2FA when it was the first time logging into that account using that browser; afterwards, I would just have to login normally without 2FA. I just assumed that because of that, there was a cookie or something that basically says "hey I have logged in from this browser before". I thought that clearing the cookies on close interrupted this process.

[rusty-snake]

Google says you have to mark a checkbox to get this behavior (as this should be strictly opt-in for 2fa). Did you enabled it?

Does it work if you logout and the login again w/o closing Firefox?

Note that RFP can still trigger some RBA if G has something like that.

[rusty-snake]

Is there anyway to log my accounts out on close but also not require 2FA each time I log in?

Is this something that is supported without arkenfox? If not, how should arkenfox magically provided it?

[hmlea]

Is there anyway to log my accounts out on close but also not require 2FA each time I log in?

Is this something that is supported without arkenfox? If not, how should arkenfox magically provided it?

I don't believe it is. However, my reasoning is that clearing cookies logs out my accounts when Firefox is closed, but when making an exception with Cmd+I, this doesn't happen. When logging out of my account without closing Firefox, 2FA is not required again, so there must be a cookie or something telling Google that this browser has been used before. So I thought maybe there would be a way to clear login cookies without clearing whatever cookie triggers 2FA.