Require Backup Codes to be sent via Text/Email
The 2FA codes being sent via email would defeat the purpose of 2FA, but so many glitches can occur, and forgetful people can lose track of where they placed the backup codes, so I think what should be in place is that the backup codes be sent to your phone or email. I think they should preferably be required to be sent by a one-time text through SMS, with the option for them to be sent via email as well, and not just "oh, you should download your backup codes now". Instead, they can have 3 ways of getting their backup codes at max, while one is required. They should also have the backup codes for past 2FA people sent once this is in place.
EDIT: Then support would allow you to just get your backup codes via request of SMS if a lockout occurs in the future.
EDIT 2: This should also tell people that the email for backup codes would be less secure for the backup codes being sent as that allows everything to connect via one source.
-
A better solution than just making another account....
2 -
As someone who early last year fell victim to my own stupidity, I couldn't believe the stupidity of the bypass code being emailed…. It is a massive 2FA failure point….
-2 -
Your own stupidity? Regardless, we require a way to recover an account other than "haha, rip, sorry bud". If you don't get the ability to suddenly download those codes, or get force logged before it, or any other reason, it sucks. Even when you also lose those codes because, guess what, it's just a physical file downloaded on your PC. Also, with what you said, at that rate connecting it to your Google Drive is a massive 2FA failure point. It connects with your email.
0