
Ask HN: Why is the current user verification process so bad? - ra5
Story: so I tried to login to my bank account via selenium just _once_. After being unsuccessful, I go back to login as normal, and have to change my entire password and verify my account via email.<p>But that&#x27;s just my bank.<p>Accessing Linkedin on a different computer? Gonna need to dig out your old email address password to get the code from that account verification email they just sent.<p>And god absolutely forbid you should be accessing a Google service from a different&#x2F;unfamiliar machine. If you don&#x27;t have a number on file with them (lol), or haven&#x27;t updated your recovery email in a while, you&#x27;re legit locked out.<p>Granted this is a bit of a rant, but why on earth is account verification in this, the year 2020 just such a paranoid, terrible user experience where every company takes an uncreative, heavy-handed approach to identity verification?
======
woofcat
What solution would you advise banks take when you login from an unfamiliar
location?

I think we've had to too lax for too long.

~~~
Diti
Most banks have to make that check because they are still relying on username
+ password pairs. (I doubt using the Belgian eID triggers an alert.)

------
buboard
I dont mind a bank, but facecook? The site where people gossip about their
travels wants me to download their 500MB app on my phone to verify me in order
to post a silly picture on my game’s page. Twitter just banned my crypto-
prices bot for the third time. I m not giving them my number again. I give up,
this is sillyness, and i notice growing resentment from people too.

~~~
croo
On Facebook a single moderately offensive post can lead to burning bridges and
angry wives. Social attacks can destroy a person life as much as a bank theft
can.

------
thebrain
I think everything you're complaining about is a good thing to be honest.

------
duxup
For a bank. I really don't mind that level of security.

