Slightly OT: Odd timing but one of my services sent me a push notification earli... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

m4tthumphrey on Jan 17, 2021 | parent | context | favorite | on: That's not how 2FA works

Slightly OT: Odd timing but one of my services sent me a push notification earlier about setting up a "personalised code" which would be included in all emails. I thought this to be a novel way that could _help_ with the email phishing problem, if adopted and implemented properly.

unilynx on Jan 17, 2021 [–]

The user still has to notice that the personal code is missing in the phishing emails.

If you could trust users with "always check for this personal code in the emails, ignore emails without it" we could also trust them with "your bank will never email you a login link"

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact