4 pane comic of dolan on the left and spooderman on the right

pane 1 (dolan): cum join opensurce cummunity!
pane 2 (spooderman): shure! how joyn?
pane 3 (dolan): Here discord! (with discord logo)
pane 4 (spooderman with tears in eyes): y u do dis?

  • myxi
    link
    fedilink
    English
    8
    edit-2
    10 months ago

    They force you to enter your phone number if your IP address is fishy to them, or if your email provider is not popular.

    • @banneryear1868
      link
      210 months ago

      Enforcing two factor because of suspicious indicators isn’t bad on it’s own though, it’s privacy concerns about Discord preceding this which makes it a bad thing in this context.

      • TechNom (nobody)
        link
        fedilink
        English
        110 months ago

        Using phone numbers as second factor authentication is neither secure, nor is it in good faith. Force the customer to use something more anonymous and secure - like Fido keys or even TOTPs. Sneaking in ways to force the customer to reveal their personal details, in the name of security is a sinister dark pattern.

        • @banneryear1868
          link
          110 months ago

          Phone number is the weakest form of 2FA but it’s still an improvement. I’ve never had to use my phone in Discord though, I don’t how Discord would even verify someone’s phone number as legitimate. But like I said I have a couple Discord accounts with different emails, probably on 30-40 servers, and have never run in to this. So if they’re collecting personal details in this really granular and specific manner, it seems like they’re not doing a very good job at it.