
There is a way to fix this. Don't just require a 6-digit code. Require a 6-digit code and a long random string (an expiring token), which is only present on the page the user visited, or in the email they were sent.
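A minimal sketch of the scheme the comment describes, added here as an illustration and not part of the original comment: the server looks the challenge up by the long random token, so a guessed 6-digit code is useless without it. The function names, the in-memory store, the 10-minute lifetime and the 5-attempt cap are assumptions.

```python
import hashlib
import hmac
import secrets
import time

TTL_SECONDS = 600   # assumed token lifetime
MAX_ATTEMPTS = 5    # assumed cap on code guesses per token
_challenges = {}    # sha256(token) -> record; stands in for a real datastore


def _digest(token):
    # Store only a hash so a leaked store does not expose live tokens.
    return hashlib.sha256(str(token).encode()).hexdigest()


def issue_challenge(now=None):
    """Create a challenge. The token goes in the page or email link,
    the 6-digit code is what the user types in."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)            # 256 bits, not guessable
    code = f"{secrets.randbelow(10**6):06d}"     # only 10^6 possibilities
    _challenges[_digest(token)] = {
        "code": code, "expires": now + TTL_SECONDS, "attempts": 0}
    return token, code


def verify(token, code, now=None):
    """Accept only if token AND code match, before expiry, within the cap."""
    now = time.time() if now is None else now
    key = _digest(token)
    rec = _challenges.get(key)
    if rec is None:                  # unknown token: the code is never checked
        return False
    if now >= rec["expires"] or rec["attempts"] >= MAX_ATTEMPTS:
        del _challenges[key]         # expired or exhausted: invalidate
        return False
    rec["attempts"] += 1
    if hmac.compare_digest(rec["code"].encode(), str(code).encode()):
        del _challenges[key]         # single use
        return True
    return False
```
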

