Hacker News new | past | comments | ask | show | jobs | submit login

It’s a tough pill to swallow the argument that one of the most widely used and beloved features (autofill codes from SMS) is against the best interests of the user.



It’s a much easier pill to swallow if said user has a US phone plan and ever tries traveling abroad.

Good luck getting those SMS codes. And good luck getting the US carrier to not shut off your plan if you travel for longer than a few months.


Well that's because US exceptionalism itself. More or less the rest of the world uses exactly the same tech for mobile so cellular roaming works in every country. It's the US carriers that try carrier proprietary tech to trap their customers into their networks.

I never had problems with getting SMS around the world with roaming. It just works.


I've never had problems with using SMS + wifi around the world without roaming.

(I've had that problem domestically, due to having laptop internet with no wifi password, though.)


The argument is that autofill makes it so easy, that users accept it and companies are more likely to adopt SMS-based flows, right? Autofill doesn't seem inherently bad.


iOS Autofill of one time codes works with email and with true TOTP codes. Authenticating a user securely on their phone can be seamlessly secure without relying on SMS.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: