[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Thu, Feb 13, 2014 at 11:20:59PM +0000, Julian Hall wrote: > One possibility occurs to me. Note the IP address they send email > from. Each time a new one pops up send an email to their backup > account asking them to confirm it was them - include the message as > I doubt most users would know an IP address from a postcode. If > they confirm, add the IP address to accepted ones for that account. > Facebook already do a similar thing - assuming the user enables it > - and email you when a new device is used to access your account, so > it's obviously possible. Yes, but Facebook does require you to opt-in to the system. Without users knowing it's going to happen, it's going to be a mess. Many people won't have access to their backup account anymore, or if they do, they won't have access to it all the time. And that's a big pain if you're on the road and need to send an important email. And I think it's unlikely that more than a small portion of Yahoo's users are going to opt-in to two-factor authentication. (Which, IIRC, Yahoo offers these days.) Martijn. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq