Y
Hacker News
new
|
ask
|
show
|
jobs
by
libeclipse
3672 days ago
This "attack" could be semi-mitigated by using Authy or Google Authenticator instead of SMS. If users knew to never ever paste the generated codes anywhere but the site, this attack wouldn't exist at all.