Ask HN: Auth by Phone Instead of Email? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Ask HN: Auth by Phone Instead of Email?
		2 points by jensenbox on June 6, 2019 \| hide \| past \| favorite \| 2 comments
		Seems like for simplicity, using a cell phone instead of email account registration and login is the way to go. Email seems so outmoded in the world of mobile communications. I think using a mobile number with some form of Authenticator for important stuff is reasonable. This would bypass all the Social logins, email deliverability and help create uniqueness as well as remove passwords. How far off am I in thinking this is an ok thing to do?

pwg on June 7, 2019 | [–]

Your suggestion is but one sim swap away from failure for each user:

https://krebsonsecurity.com/tag/sim-swap/

detaro on June 6, 2019 | [–]

I've changed my phone number more often than my mail account, and for really important stuff recovery over phone is regularly considered bad because it's to easy to compromise. It also isn't that great internationally.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact