Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Don't use texts for the two factor auth, use the Google's app https://play.google.com/store/apps/details?id=com.google.and... and print out the one time codes when prompted (for when your phone is unavailable for whatever reason).

As a bonus, you can also use it for when logging in over ssh with password http://askubuntu.com/questions/159727/how-can-i-use-a-passco...

Anything can be hacked but it's a really solid system, even against a targeted attack and motivated attacker.



Thanks for the link, but could you explain why texts are non-optimal?


Phone companies are often quite stupid about letting phone numbers (with their texts) get redirected. Like you don't have to know any private information, just have a good story stupid.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: