
I love this. I despise the fact that my bank restricts password lengths to max 16 chars. Hash lengths are constant, it is ridiculous. It is a BANK, if anything they should be more secure.

Instead they force me to make passwords that easily fit a password mask by restricting special characters and forcing at least one number, uppercase letter, etc. They are actually weakening the security in a vain attempt to get people to make stronger passwords. All they do is make it P@$$w0rd instead, no increased security, it is so predictable.

I think disallowing SMS for 2FA will make it harder to get people to use it. If they finally decide to sign up, then they are informed they need an authenticator program. Also there have been times my phone was dead and I didn't have a backup plan.



> there have been times my phone was dead and I didn't have a backup plan.

This. Just recently this happened to me when I needed to get into my Gmail and I was shit out of luck. Didn't have my phone on me. The best Gmail would do was some sort of account reset that would take 2+ days (for good reason). I was entirely locked out, no solution short of returning home to get my phone.

Anyone recommend a solid backup plan?


In the Google case you can print a set of backup codes. See the security page under your account.



