4 pane comic of dolan on the left and spooderman on the right

pane 1 (dolan): cum join opensurce cummunity!
pane 2 (spooderman): shure! how joyn?
pane 3 (dolan): Here discord! (with discord logo)
pane 4 (spooderman with tears in eyes): y u do dis?

  • myxi@feddit.nl
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    há 9 meses

    They force you to enter your phone number if your IP address is fishy to them, or if your email provider is not popular.

    • banneryear1868@lemmy.world
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      há 9 meses

      Enforcing two factor because of suspicious indicators isn’t bad on it’s own though, it’s privacy concerns about Discord preceding this which makes it a bad thing in this context.

      • TechNom (nobody)@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        há 9 meses

        Using phone numbers as second factor authentication is neither secure, nor is it in good faith. Force the customer to use something more anonymous and secure - like Fido keys or even TOTPs. Sneaking in ways to force the customer to reveal their personal details, in the name of security is a sinister dark pattern.

        • banneryear1868@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          há 9 meses

          Phone number is the weakest form of 2FA but it’s still an improvement. I’ve never had to use my phone in Discord though, I don’t how Discord would even verify someone’s phone number as legitimate. But like I said I have a couple Discord accounts with different emails, probably on 30-40 servers, and have never run in to this. So if they’re collecting personal details in this really granular and specific manner, it seems like they’re not doing a very good job at it.