Phone Verification Becoming More Common.

Discussion in 'privacy technology' started by lucygrl, Sep 6, 2014.

  1. lucygrl

    lucygrl Registered Member

    Joined:
    Nov 6, 2013
    Posts:
    202
    I wanted a Twitter account but wanted to sign up anonymous and went to do a signup with Tor only to be confronted with the phone verification page. I notice this a lot lately with many of the mainstream services wanting phone verification. The phone verification for Twitter sort of defeats the whole purpose of what they are offering because many human rights activists, etc use the service and forcing peoiple to do a phone verification leaves tracks. Im just wondering if anyone knows a way around this problem?

    thankyou.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
  3. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
    Haven't met an important website doing it.
     
  4. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
  5. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    i'd avoid phone verifiction... if you ever change your number or get a different number while traveling then you are screwed or at least in for a lot of inconvenience.
     
  6. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    lucygrl's point is good enough that I wonder if it would be worth raising directly with companies like Twitter, via snail mail petitions or open letters. When you have human rights activists, etc. using your services, you have an ethical obligation not to betray them to governments that might want them dead.

    I know, I know. Businesses and ethics... Good luck. But it might be worth a try (in the long run).
     
  7. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    I see this as a privacy concern, since anything that links my online account life to my person is certainly not desirable. I don't use two factor authentication and with few exceptions treat my accounts as disposable:

    I don't have any personal information to steal
    Unique disposable e-mail for each account.
    Unique complex passwords (63 characters at most) for each account.
    Treat security questions as additional password fields (63 characters at most)
    Don't receive or send private or confidential data by electronic services.

    My biggest caveat with companies is limiting base character limits to less then 20 characters for passwords, relying on password strength meters which are utterly useless (e.g., weak passwords like P@SSW0RD are sufficiently complex but easy to bruteforce), reluctance to implement end-to-end encryption properly site wide, incompetence in account storage and protection. Honestly what is a code sent to your phone going to do if the source of the breach isn't you, but the company holding your data? Not to mention that there are plenty of other security features commonly ignored, such as restricting signing into accounts from non-specified devices (usually mac based). Another privacy risk factor and there is nothing stopping someone from spoofing I suppose.
     
  8. chrcol

    chrcol Registered Member

    Joined:
    Apr 19, 2006
    Posts:
    756
    Location:
    UK
    I also don't like it when they block copy and pasting as that encourages the user to use a weak password as its easier to type and as you said low max password lengths.
     
  9. Keatah

    Keatah Registered Member

    Joined:
    Jan 13, 2011
    Posts:
    853
    Eh, just don't use those services. So far there isn't anything on the internet that is necessary for daily living.
     
  10. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    221
    SMS sites generally do indeed work until abused and then patched. So just look for a newer service. Some services ban voip.

    And weird. I just tested and successfully opened yet another gmail account and did not have to enter in mobile info. It did say that if I skipped the captcha it may ask for SMS verification.

    In regard to Twitter, I am not seeing phone input on the account creation page.

    Perhaps, you guys/gals are logging in from outside the US and security is being tougher.
     
    Last edited: Sep 9, 2014
  11. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    687
    Right.
    Just purely as I'm curious, Ive been watching my unused and ever so slowly dying hotmail account take it's last breath. The trouble is it keeps gasping for it's last breath. I have been and still am getting this notice coming up about putting in a phone number as a measure of extra security (yeah right :rolleyes: ). I refuse to do it. The strange thing is it would just log me in sometimes and sometimes try the phone # thing on me. I even noticed a pattern for a while. I could get in every 7 days. Now it seems it's not budging at all. Oh well.
     
  12. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Yeah Gmail goes through phases where they demand them and then allow account without one for a while. But they have even limitied my real number to about 5 accounts. Before.....saying that it had been used too much. So maybe it just goes in phases.
     
Loading...