I’ve run into that a few times, but usually just on financial sites or services where an attempted account hijack may be likely, and it’s ultimately a good thing. There have been one or two where it seemed entirely unnecessary though, so I get the frustration.
Funny enough, all my banks allow me to change my email address easily through their app or website! And they DON’T offer strong 2fa, so security is the least of their priorities.
But so many sites, like our local hardware site or G2A (for buying software keys) don’t, and I’d rather close the account (done through their website, no less!) than go through the hassle of contacting support.
Yeah, anything handling sensitive data (medical, legal, financial, etc) absolutely needs stringent and thorough processes for completely changing login information (i.e. email address). But random superfluous websites I use for entertainment or socializing? Get outta here.
anything handling sensitive data (medical, legal, financial, etc) absolutely needs stringent and thorough processes for completely changing login information (i.e. email address).
Hardware-based 2fa would be nice, but it seems that these same organizations are among the only which DON’T have hardware-based 2fa and insist on texting codes, instead.
None of them actually take security seriously, even through all of them should be!
I’ve run into that a few times, but usually just on financial sites or services where an attempted account hijack may be likely, and it’s ultimately a good thing. There have been one or two where it seemed entirely unnecessary though, so I get the frustration.
Funny enough, all my banks allow me to change my email address easily through their app or website! And they DON’T offer strong 2fa, so security is the least of their priorities.
But so many sites, like our local hardware site or G2A (for buying software keys) don’t, and I’d rather close the account (done through their website, no less!) than go through the hassle of contacting support.
Yeah, anything handling sensitive data (medical, legal, financial, etc) absolutely needs stringent and thorough processes for completely changing login information (i.e. email address). But random superfluous websites I use for entertainment or socializing? Get outta here.
Hardware-based 2fa would be nice, but it seems that these same organizations are among the only which DON’T have hardware-based 2fa and insist on texting codes, instead.
None of them actually take security seriously, even through all of them should be!