|
|
|
|
|
|
by oarsinsync
1580 days ago
|
|
|
> > As it becomes easier to emulate hardware tokens[1], Google may start limiting which ones it accepts. > Why? Likely not in the same of security, but as an extra speed bump for automated account creations. The easier it is to create accounts in automated ways en masse, the more likely that system can be abused. If you require SMS authentication, you can use that telephone number as a means to limit accounts being generated. If you can restrict software emulating hardware, you're similarly increasing the barrier to entry to require hardware tokens too, increasing the cost of creating accounts used for fraudulent activity, and reducing the lower hanging fruit (e.g. spam) from being as profitable. |
|
|
If you require SMS authentication, you can use that telephone number to personally identify the individual. Privacy invasion justified in the name of security.