![]() We therefore believe requiring a phone as a backup option strikes the best balance of confidentiality (no one else can read your data) and availability (you can read your data) for the majority of our users. If you lose your phone, the TOTP key is lost but normally you can get a new SIM card with the same number from your carrier. However, for the majority of users, the risk of losing their two-step verification device is far greater than the risk of someone hacking their SMS. ![]() We are aware that SMS is not the most secure of methods for 2FA, and has been deprecated by NIST. But so too is making sure you don't get locked out of your own account. ![]() > Keeping your account safe from attackers is very important. > Why do I have to add a recovery phone number to set up two-step verification? They have a long section in the documentation that strongly discourages it, and it seems like they will refuse to restore your account if you lose your 2FA, which is exactly what I want:
0 Comments
Leave a Reply. |