Sure, but as long as the fallback for account recovery is sending a reset email ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		eredengrin 5 months ago \| parent \| context \| favorite \| on: Emailing a one-time code is worse than passwords Sure, but as long as the fallback for account recovery is sending a reset email or sms (both of which are similar or worse than yoloing textfiles on dropboxes), that's a very tough argument to make in good faith.

growse 5 months ago [–]

I agree that account recovery isn't the best. But just because that sucks doesn't mean there's zero value in improving credentials.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact