I would have expected them to ask me to message them, in order to resolve the issue of not having access to my old email. Instead, they assume that I still have access to it, by simply contacting my email provider!
If I could do that, I wouldn’t have lost access to it through would I?
OMFG YEEEEEEESSSSS I HATE THOSE I’m not even super duper security focused I just love the idea of even a bot farm has to guess a code within a 30 second window
Meanwhile sms codes usually expire between a ten minutes and an hour, usually a half hour, but thats if at all
As much as I hate them they’re better than nothing :/
I doubt bruteforce has been used in one of these attacks. The service should detect a bot entering many combinations per second.
The main problem with SMS is that someone could social engineer the mobile operator support to give them a new SIM.
Probably not something you should worry too much about unless you are in any way a target, but still.
I also said way less than what I was thinking but you pretty much summarized the other half of what I was thinking with people being able to get the authenticator which is in this case the message
I also just plain don’t like them
Idk why beyond the reasons I said