... and this is why I can't trust any of these jokers with my phone number for 2-factor authentication.
Shuttered Instagram holes opened 20 million accounts to hijack
Security consultant Arne Swinnen says Instagram has shuttered brute force authentication holes that allowed hijacking of some 20 million accounts. The NVISO infosec man says an absent authentication control coupled with an insecure direct object reference vulnerability meant attackers could commandeer some four percent of …
COMMENTS
-
Monday 23rd May 2016 07:34 GMT Anonymous Coward
And the real issue is....
... .why these companies need your phone number in the first place?
The whole Internet worked pretty well without asking your phone number for many years... then came the data slurping companies looking for unique IDs...
Event "two factor auth" is often just a bait to make you give them your unique ID....