Ask HN: Why is the current user verification process so bad?
Story: so I tried to login to my bank account via selenium just _once_. After being unsuccessful, I go back to login as normal, and have to change my entire password and verify my account via email.
But that's just my bank.
Accessing Linkedin on a different computer? Gonna need to dig out your old email address password to get the code from that account verification email they just sent.
And god absolutely forbid you should be accessing a Google service from a different/unfamiliar machine. If you don't have a number on file with them (lol), or haven't updated your recovery email in a while, you're legit locked out.
Granted this is a bit of a rant, but why on earth is account verification in this, the year 2020 just such a paranoid, terrible user experience where every company takes an uncreative, heavy-handed approach to identity verification? What solution would you advise banks take when you login from an unfamiliar location? I think we've had to too lax for too long. Most banks have to make that check because they are still relying on username + password pairs. (I doubt using the Belgian eID triggers an alert.) I dont mind a bank, but facecook? The site where people gossip about their travels wants me to download their 500MB app on my phone to verify me in order to post a silly picture on my game’s page. Twitter just banned my crypto-prices bot for the third time. I m not giving them my number again. I give up, this is sillyness, and i notice growing resentment from people too. On Facebook a single moderately offensive post can lead to burning bridges and angry wives. Social attacks can destroy a person life as much as a bank theft can. I think everything you're complaining about is a good thing to be honest. For a bank. I really don't mind that level of security.