Answer the question
In order to leave comments, you need to log in
What account protection measures to apply if it is not available to attach a mobile?
1) What account protection measures should be applied if it is not available to attach a mobile phone?
2) And if the attached mobile number is lost?
Answer the question
In order to leave comments, you need to log in
From the point of view of the site developer or from the point of view of the user?
1) From the user's point of view: put a long complex password that is not used anywhere else, write it down on a piece of paper, burn the piece of paper, and dispel the ashes.
From a developer's point of view: there are a lot of options.
2) The attached number can always be restored. If the number is not tied to the passport - well, the user himself is an idiot.
If you are asking about authentication protection, then such a task requires an integrated approach.
For starters, the user credentials must be properly stored on your server.
And the user must use strong authentication. There are many options and you need to choose what suits you:
- certificates (smart cards, tokens)
- one-time passwords (hardware generators, software generators, SMS / email, OATH or proprietary, QR or alphanumeric)
- biometrics (for example, keyboard typing behavior)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question