The user makes that assumption. Google offers and promotes Authenticator for use... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		judk on May 17, 2014 \| parent \| context \| favorite \| on: How I bypassed 2-Factor-Authentication on Google, ... The user makes that assumption. Google offers and promotes Authenticator for users who want a secure connection.

andreasvc on May 17, 2014 [–]

I submit that a negligible proportion of users is aware that voicemail may be used as a factor, so they're not actively making that assumption. I would say it's Google's responsibility to protect users from the many insecure voicemail systems of telcos, since extra security is the whole point of enabling 2FA.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact