Hacker News
by 3np 1943 days ago
I just wish they would not inherit the horrible security practices from the incumbents.

Opening a new account, the happy path steers the user to 2FA via SMS (which can't be disabled once enabled). The only other option is via their proprietary iOS or Android app.

Please, please give us at least TOTP, if not FIDO U2F or WebAuthn.

SMS is inherently insecure (arguably worse than e-mail) and I'm not going to download your app.