New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
This happened to me 7 days ago and I still have absolutely no response. I opened a ticket, sent 2 or 3 emails to their email addresses and used the 'contact us' form 3 times and still no response.
That's why I opened this post here. I also sent a PM here @host_c but I haven't received any response.
Last Active September 19
SMS as MFA is completely insecure; the correct method would be validation with documents and proof of the invoice payment transaction.
Normally, banks don't reset passwords via SMS alone, as this is easily hackable with a SIM swap.
Isnt this a romanian owner with a registered business in .bg?
Big flag
Contact support, always use Google Auth
You permanently lose all your servers and blame @ehhthing for the rest of your life.
I never had to reset bank passwords.
My usual banks have used SMS in these ways:
Submitting documents never happened, because most banks I deal with are online only.
The most they would do is sending a US mail with a PIN inside, when I insisted Google Voice is my only phone number and their system is unhappy about using only a VoIP number to unblock a credit card under fraud lock.
I have a friend with same scenario, probably I need to open a ticket on his behalf and take it from there....
My ticket, which I'm still waiting for a response to.
Still no answer. ;(
Hmm
With the exception of banking, I have a very strong aversion to companies that force 2FA on their users. Recommending 2FA to security-illiterate users is fine, but believing you know better than your users and giving them no choice does not sit well with me.
The perceived increase in security does not justify the risk of permanently losing access to my account.
The day that Github started forcing 2FA was the day that I stopped having a Github account.
I will never be able to talk in any Discord server that requires accounts verified with a phone number, because it's not worth the risk of losing access to my Discord account and the Discord server I own if my phone number is ever lost.
The added friction involved in every login means that most sane people who regularly need to deal with many accounts simply add the 2FA codes to the same password manager that stores their password, which means if their password gets compromised the 2FA is too, resulting in added friction with no real increase in security.
For the few companies with mandatory 2FA that have to deal with, I initially used Ente Auth which is a great standalone option, but have since moved 2FA to my self-hosted Vaultwarden password manager so that it gets auto filled in, is mirrored to all my devices, stored on my own private server, and backed up to lifetime storage plans that I have with multiple companies.