top | item 30902326

(no title)

victor_e | 3 years ago

It transfers the dependency from something they know (password) to something they have access to (phone or email). That thing they have access to could be compromised which then means their account is compromised. That is a risk acceptance question you need to consider.

Also to consider: What happens if a user loses their phone? How do they get access to their account?

discuss

aaaaaaaaata|3 years ago

Everyone thinks having multiple affordable devices, some of which get almost no use but still have very important roles, is a weird techy thing to have.

I strive to avoid the stereotypes, but I have been unable to go without that setup since highschool!