Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is absolutely a problem we thought about, but we never found a good solution. Try getting the general public to use two-factor auth. Just try and see how that works out.


What is wrong with simply sending a confirmation link via email?


You need to have a secure email and an email address is protected user identifying data subject to GDPR.

Web does not require email for most things.


Promotes falling to phishing attacks




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: