Making mobile number optional for 2FA
-
I recently decided to turn-on two-factor authentication for my account using an authenticator app. So, I went to the corresponding page in the settings to enable it. I then discovered that it was not possible to enable two factor authentication using an authenticator app without entering my mobile number. I’m not sure why this is required. Why should I have to enter my mobile number to enable two factor authentication using an authenticator app? Or if there is a way to enable it without entering my mobile number let me know.
The blog I need help with is: (visible only to logged in users)
-
Hi there,
We require a mobile number to also be added as a fallback, should you lose access to your authenticator app. There is no way to bypass this requirement.
We will never use the mobile number you provide in this way for any other purpose, and we also do not sell or provide user contact information to third parties.
-
Isn’t that the use case for the backup codes? I think you’re asking this to help people who might miss the backup codes which is a nice thing but it would have been great if there was a possibility to skip giving the backup number.
I understand that you would not use the mobile number unnecessarily but given the amount of data breaches that happen these days I consider not giving out data unnecessarily as the best way to keep it safe (the reason I love authenticator apps and backup codes ;-). That does not mean I do not trust the security of wordpress. It just shows that I’m being overly paranoic ;-)
- The topic ‘Making mobile number optional for 2FA’ is closed to new replies.
WordPress.com Forums 