Hacker Read

krick · 2020-01-11 07:39:05+00:00

Did we ever seriously doubt that? 2FA is just a made-up reason to have your phone number anyway, all the services that require that don't really want anything other than that.

haecceity | karma 548 | avg karma 1.26 · | 2020-07-17 01:50:03

I keep saying phone numbers for 2FA is dumb but entire industry thinks this is a good idea for some reason. The problem here is that it's not even used as 2FA, it's just one factor and these services think it's sufficient to prove identity.

mywittyname | karma 16038 | avg karma 2.93 · | 2021-08-17 10:12:09

That's such a massive burden anymore, since so many services tie 2FA to phone numbers for some dumbass reason.

throwntoday | karma 198 | avg karma 0.4 · | 2022-05-05 12:52:31

All great points and very common cases, yet services that force 2FA seem completely oblivious to this or just don't care about responsible users. In instances where it must be a phone number it is obviously for data mining.

It is a lazy way to cater to the lowest common denominator of users who will eventually fall for a phishing scam or install some keylogger and have their password end up in a dump.

reply

sambazi | karma 336 | avg karma 1.04 · | 2023-10-07 02:12:44

yea, 2FA is mostly an euphemism for 'with a phonenumber'.

kinda reminiscent of the mess with id and ssn.

reply

newnewpdro | karma 1778 | avg karma 0.83 · | 2018-11-02 00:23:26+00:00

Agreed, 2FA is a good idea but it was never in the users' best interest to attain it via phone numbers. But when all these organizations saw an opportunity to couple a reliable phone number with what was otherwise in most cases, an account having just an email address, they jumped on it.

grazhero99 | karma 38 | avg karma 1.9 · | 2020-08-04 17:37:47

I think it should be fairly obvious to most here, but it bears repeating that any service which requires a phone number for 2FA is to be avoided like the plague.

itronitron | karma 6979 | avg karma 1.95 · | 2023-05-26 04:03:14

Many people associate 2FA with being asked for a phone number, which makes it a burden.

mmahemoff | karma 6818 | avg karma 4.89 · | 2019-11-11 06:25:41+00:00

Phone number is already a 2FA for regular logins in many services. The problem is their processes also allow it to used in a 1FA reset scenario, so it's not true 2FA.

JohnFen | karma 30257 | avg karma 1.9 · | 2019-03-06 18:24:48+00:00

Not to me, for a bunch of reasons -- starting with the fact that it assumes that the phone # you use for 2FA (which nobody should be doing anyway) is the phone # you want people to contact you through.

raxxorrax | karma 8264 | avg karma 1.37 · | 2021-09-17 02:40:30

2FA often was a scam since they just abused your contact info which is a security breach.

lakomen | karma 728 | avg karma 0.89 · | 2024-06-02 20:24:32

However 2FA. They're making it hard to not have a phone

IYasha | karma 462 | avg karma 0.61 · | 2023-04-04 03:38:03

2FA is hell. It was forced on people to control them, not to help them. There should be a law that would forbid banks and other companies to demand a phone number. But, unfortunately, things are upside down now. :(

anfilt | karma 3200 | avg karma 3.05 · | 2018-09-27 03:37:38

Honestly, I hate how many 2FA systems want you to use a phone number. There are other ways that are much better.

hartator | karma 6634 | avg karma 2.18 · | 2019-05-21 19:47:40+00:00

It's why most of 2FA implementations is BS. It's truly only whoever has access to your number or email can do whatever.

alexb_ | karma 5947 | avg karma 6.42 · | 2022-11-28 07:28:28

You know, I'm really starting to hate how 2FA, and phone numbers in general, have been hijacked into being an ID that companies just assume you have. A lot of the people who would be extremely opposed from "give us your driver's license or you can't use this service" are perfectly fine with forced 2FA - these leak the same amount of information!

marssaxman | karma 7881 | avg karma 1.99 · | 2018-09-27 11:39:16

I always imagined they would probably end up doing this, and that's why I've never accepted 2FA anywhere a site has tried to push it on me. They can't spam me if they don't know my number...

tlrobinson | karma 30498 | avg karma 4.18 · | 2013-12-04 16:52:27

Agreed. 2FA is still rare enough that if a service you use offers 2FA, that's a sign you should probably use it.

skrebbel | karma 32746 | avg karma 5.58 · | 2019-05-25 05:43:06+00:00

2FA freaks me out. It means I'll be locked out of all my key accounts and services if ever my phone breaks or gets lost. Probably right when I need these services most.

JohnFen | karma 30257 | avg karma 1.9 · | 2019-11-22 21:04:35

Good move!

A 2FA system that requires me to give a phone number is a 2FA system that I won't use. I'm not about to give my phone number out to most companies, and I'm too lazy to go get a burner phone just to set up 2FA.

reply