|
|
|
|
|
|
by colechristensen
2349 days ago
|
|
|
It's one of those things which, technically, can be done correctly. However, it isn't. It provides an incentive to do bad security which is bad for providers because their security will have a tendency to devolve into bad-factor recovery and it's bad for users because it makes them comfortable with a security factor which is easily defeated. It might be good for your use case, but systematically SMS is bad for security in a global society sense. |
|
|