While I like 2 step authentication I wish Google would get rid of SMS password r... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		my8bird on April 18, 2012 \| parent \| context \| favorite \| on: Make Your Email Hacker Proof While I like 2 step authentication I wish Google would get rid of SMS password reset. With this enabled all a person needs is your phone to gain access to your account. Given that police can grab you phone whenever you are stopped this means they can "hack" your account at the same time. Another example could be a cleaning person at a hotel finding your phone. Just two examples off the top of my head. Basically, SMS password reset makes your phone the golden key. http://support.google.com/accounts/bin/answer.py?hl=en&a...

smiler on April 18, 2012 [–]

As long as you have a pin lock on your phone, the cleaning person nor the police will be able to do anything with your phone.

sp332 on April 18, 2012 | | [–]

It's not that hard for law enforcement to get your PIN. e.g. http://blog.agilebits.com/2012/03/30/the-abcs-of-xry-not-so-...

jamesgeck0 on April 18, 2012 | | [–]

What about if the phone can be rooted?

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact