
Ask HN: Auth by Phone Instead of Email? - jensenbox
Seems like for simplicity, using a cell phone instead of email account registration and login is the way to go. Email seems so outmoded in the world of mobile communications. I think using a mobile number with some form of Authenticator for important stuff is reasonable. This would bypass all the Social logins, email deliverability and help create uniqueness as well as remove passwords.<p>How far off am I in thinking this is an ok thing to do?
======
pwg
Your suggestion is but one sim swap away from failure for each user:

[https://krebsonsecurity.com/tag/sim-
swap/](https://krebsonsecurity.com/tag/sim-swap/)

------
detaro
I've changed my phone number more often than my mail account, and for really
important stuff recovery over phone is regularly considered bad because it's
to easy to compromise. It also isn't that great internationally.

