by kbar13 394 days ago
i worked on a large platform (YC company, too!) previously on their 2FA implementation. while not ideal, it was decided to keep SMS 2FA because there are still people out there without smartphones or in general the ability to do TOTP. but they still have some means to access the site that wasn't a smartphone i guess.

so, it's a bit of a compatibility issue, i guess there will be some portion of the population who will be very upset that they need to buy a whole new smartphone just to securely access their banking details

2 comments

Anything that requires a cellphone bakes in BOTH a single point of failure and cumbersome extra steps. Terrible practice anyway - even though so many people here are in love with both single points of failure and extra steps.

ALLOWING methods X, Y or Z would be better reasoning.

That isn't a very strong argument for not allowing me to secure my account.