There is a reason for that, most average Joes just can't handle the technology. ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		professorTuring on Jan 11, 2020 \| parent \| context \| favorite \| on: SMS is not 2FA-secure There is a reason for that, most average Joes just can't handle the technology. You can change OTP-SMS in Banks for TOTP, but it involves more complexity and probably it will be more prone to user errors. Configuring the seed, remembering an extra password to use the OTP... For me it's not that hard, but probably my mom will need some help in order to remember all the steps...

lotsofpulp on Jan 11, 2020 [–]

So make it a non default option? No one who doesn’t want to use TOTP would even have to know about it.

I know some services require SMS in order to force collection of user’s phone number, for data selling purposes and to prevent bots.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact