Conversation
Notices
-
I was just thinking about those sites where they send a confirmation code by SMS and you cannot log in without it. Yesterday, Mark sent me a couple of messages by SMS that took around 12 hours to travel 100 miles. Maybe SMS isn't really appropriate for a "second factor".
-
>Maybe SMS isn't really appropriate for a "second factor".
It's not and more than that it's insecure and reduce privacy.
As far as I know second factor auth was put in place because of reckless users who puts the same password everywhere and thus their account got usurped. The only viable solution to this is people who will use a password manager. As for the method of "second factor" a second password or email validation is good enough.