Is it just me, or did SMS OTP sent by customer support for privacy reasons break the security model for SMS OTP 2FA authentication for logins?
Now every customer is used to reading OTP codes over the phone just to get help with their account, so they don't think twice about where the 2FA codes should be used.
[#]privacy #cybersecurity
=> More informations about this toot | View the thread | More toots from merospit@infosec.exchange
=> View privacy tag | View cybersecurity tag This content has been proxied by September (ba2dc).Proxy Information
text/gemini