[hombre_fatal]

I don’t agree. At worst it just introduces a “hey i lost my phone” customer support backdoor that may be weaker than what was there before.

[kube-system]

It’s not any worse than the “hey I forgot my password” support backdoor.

If you have a support backdoor, it doesn’t matter what technology you use. That’s not a technology problem.

[rtev]

That’s a security flaw. Backup codes are the fix if you get locked out. Sure, the attacker could find the backup codes, but that can be a challenging task.

[duckmysick]

And at best? And what about on average?