what if I don't have my phone to verify its me? why can't you just allow for password entry?
what if I don't have my phone to verify its me? why can't you just allow for password entry? Please allow for password entry only. Thank you
-
Roger A. Newman commented
Yes, you make it now impossible for me to reach old material and e-mails
-
Knut Haakon Flottorp commented
SMS to the phone is the only safe way to authenticate you.
The problem arises because the password approves a session, many log-ins. When you have two phase approvals you must pass both the email password and an SMS to stop others pretending to be you. They can just copy your password. The 6 characters in an SMS cannot be intercepted and copied. It goes to your phone and you can pass it on and approve access. Without the phone, the access to the account should be restricted.
On the phone, they have MSISDN, IMEI and GPS. It is miles more secure. -
Brian Kelley commented
Not all people have there phone with them....