Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Why is Netflix actually requesting the phone number?
6 points by eveningcoffee on March 22, 2016 | hide | past | favorite | 7 comments
I noticed that Netflix started to ask for the phone number (in my country at least).

Their pretext is that this is to restore my password. I find this is ridiculous.

I have restored my password several times already without a phone by using my email address. So I do not have to give my phone number for that (side note: suggestions like this make some users feel that they are treated like full idiots).

So I am wondering why are they doing this.

Are they trying to con out my phone number for what ever reason? That would be pretty low I think and I would like to assume that company like Netflix would not do that.

Also they do not have to prove that I am a real person. They already have my billing information.

Are they really trying to somehow "improve" the password restoration? I think that the restoration procedure over the email works also pretty well. So what would be the improvement? Would I have to manually enter some additional number to annoy me more over the fact that I choose a bad password and how it would improve my security?

Or is this just another example of their bad UI? Like not having an option to automatically remove movies from "My List" after I have watched them. Or showing a special notification for the new movie that I just watched.

So what advantage would having my phone number give to the Netflix? Any ideas?



It may simply be 2-factor authentication. You request a password reset, and they text a code to your phone. You enter that code into your browser. That way, they know you have both the full account details and the associated phone in your possession. Increases the likelihood that you are the authentic account holder.

Many sites, Google included, now offer this optionally. If NetFlix is mandating it, perhaps they really have a problem with users accounts being hijacked.


It is just two-factor authentication and it is optional. I think it is growing in popularity (Mint added it recently as well.)


Thanks. I would put it then on the poor wording and lack of explanation of the feature.


There have been a number of reports about accounts being stolen and pawned off at 1$ or less.. might have something to do with that.


This is interesting, and I wonder how they would react in cases when it happens. In principle the revalidation of the original payment information should in fact clear this issue.


I think what happens a lot with stolen accounts is that they don't actually change the users password or email on the account. People just are basically sharing the account with the owner almost. Otherwise an account wouldn't last long that is sold.


It might be for finding out your country ?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: