|
|
|
|
|
|
by ghughes
1397 days ago
|
|
|
A phone number is fine for 99% of users. They recommend that users with higher-than-average security requirements set a PIN, which removes phone number attacks from the threat model, but you're still dependent on the security of SGX. Users with extreme security requirements can set a 42 character alphanumeric PIN, thus also excluding SGX from the picture, but at that point you're getting owned no matter what you do. |
|
|