Is this new, or have online accounts never offered the ability to update your email address easily?

  • @[email protected]OP
    link
    fedilink
    English
    19 months ago

    anything handling sensitive data (medical, legal, financial, etc) absolutely needs stringent and thorough processes for completely changing login information (i.e. email address).

    Hardware-based 2fa would be nice, but it seems that these same organizations are among the only which DON’T have hardware-based 2fa and insist on texting codes, instead.

    None of them actually take security seriously, even through all of them should be!

    • @bassomitron
      link
      English
      19 months ago

      I agree, texted codes are not very secure and it honestly surprises me how common that quasi-2fa implementation still is. Granted, common thieves/scammers don’t typically go thru the hassle of emulating your number and generating a false sim card in order to intercept text messages meant for you. So, it’s still better than nothing, at least.