[dylan604]

> your bank could shut phishers down cold by requiring wire transfers to be authorized in person but they don’t want to pay staff or risk you being upset by a transaction taking an extra hour so they don’t.

Isn't this essentially what just recently happened to the Pope? Then there were people here doing the rest of your comment for him saying how egregious it was for them to ask for an in person authorization. It sounded like all he was trying to do was update his address, but changing your address from one in Chicago to one in a European country absolutely sounds like something a phisher would be trying to do.

[throwaway85825]

Its perfectly acceptable for a security model to make things difficult for extreme edge cases like the pope. After all if the situation warrants it such rare events can always be escalated.

[Terr_]

To frame it another way: Better to inconvenience the pope once every few years than have tens of thousands of "little person" account compromises every year.

I expect his Holiness might agree.

[acdha]

Yes, there were people here criticizing that but also plenty of people saying it was a reasonable trade off. Making exceptional things harder to make everyday security better is not a bad decision even if it upsets techies who’d like everything to be automated.