People here don’t realize how dumb the average user can be. I’ve helped countless people attempt to recover their accounts to which they forgot the password to because they were logged in on their computer and just went to it, and were shocked once they let the cookie expire.
Backup security questions? “Oh, I put random garbage there, there’s no way I remember”.
I’ve known people that end up with a new email more often than they end up with a new phone number for that exact reason. Or worse, they also got a new phone number without thinking about their 2FA SMS and lose a whole bunch of accounts.
With social engineering attacks all over the place, more and more companies just won’t help you in the name of security.
Those users absolutely need to be nudged towards adding backup account recovery info.
People here don’t realize how dumb the average user can be. I’ve helped countless people attempt to recover their accounts to which they forgot the password to because they were logged in on their computer and just went to it, and were shocked once they let the cookie expire.
Backup security questions? “Oh, I put random garbage there, there’s no way I remember”.
I’ve known people that end up with a new email more often than they end up with a new phone number for that exact reason. Or worse, they also got a new phone number without thinking about their 2FA SMS and lose a whole bunch of accounts.
With social engineering attacks all over the place, more and more companies just won’t help you in the name of security.
Those users absolutely need to be nudged towards adding backup account recovery info.