• fucking annoying
  • can’t believe they sold people that it’s BETTER to have to get your phone out to login
  • incredibly annoying
  • if you’re using this willfully you’re clearly just as worried about security as before anyway
  • companies love having real phone numbers to pair with ‘their’ data
  • HubertManne
    link
    fedilink
    11 year ago

    Microsoft gave the option to call and you hit pound. I prefered that overall. works with any kind of phone.

    • Uprise42
      link
      fedilink
      11 year ago

      Phone numbers can be spoofed and calls can be redirected. Or, even better, conditional call forwarding is supported by most carriers. It can be set up and you’ll never know. Then they get the phone call and not you

      • HubertManne
        link
        fedilink
        1
        edit-2
        1 year ago

        and smart phones can be hacked. the point of two factor is they have to control both parts.

        • atocci
          link
          fedilink
          11 year ago

          Right but the point they’re making is it’s a lot easier for a third party to intercept a code that has to be sent to you than it is for them to get the code from an authenticator app since they’re generated on your device. At that point you pretty much need physical access to the phone.

          • HubertManne
            link
            fedilink
            11 year ago

            im osrry so a hacked device would not show the authenticator code? I really don’t see the difference here. Again its not each bit being so un breachable as much as they would have to have to breach both parts. I really don’t think its taht easy to redirect all the calls that are supposed to go to my phone.

            • atocci
              link
              fedilink
              11 year ago

              One is much easier to accomplish than the other and doesn’t give the target the same chance to realize something is going on.

              • HubertManne
                link
                fedilink
                11 year ago

                I don’t think thats necessarily true. If diverting phonecalls were so easy there are a bunch of reasons outside of two factor attacks that it would be used for.

                  • HubertManne
                    link
                    fedilink
                    11 year ago

                    you seem to be limiting it to sms. you do realize your talking to a person who mentioned microsofts option to call you and you hit pound. They actually have an app where you input a two digit number and if anything I would have liked them to expand the phone call function with that. Anyway I was not speaking about sms but I still feel the vulnerabilities are overblown when used with a good password.