This whole thing reads like a security response driven by marketing and branding considerations. They put a lot of work into that seamless experience they're so proud of, apparently without security professionals being involved.
These factors point to a company that fundamentally doesn't take security very seriously. That's not a fast, easy, or cheap thing to change. I suspect it won't any time soon.
These factors point to a company that fundamentally doesn't take security very seriously. That's not a fast, easy, or cheap thing to change. I suspect it won't any time soon.