I've been waiting for the SMS for 45 minutes to no avail :( I wonder if it's just load problems on their side.
I really hate SMS-from auth, anyway. Now my cellphone-provider account is security critical, rather than my installation-of-a-secure-client-I-control. This is some protection against mass attacks on Twitter, but I use a long, unique, random string as my passphrase, so I'm not too worried about that.
Kind of sucks that Twitter has such light security compared to FB/Google/AWS. I guess they're substantially smaller, but this wouldn't be that hard for 1-2 good engineers to get right. If it weren't for the stupidity where Google/Apple/Twitter/Facebook/Amazon/etc. think they're at war with each other, this seems like something they'd be better off partnering/outsourcing.
If I had an app with the mobile client reach of Twitter, I'd use it as an opportunity to become a security/auth provider (using a public key scheme), though.
I really hate SMS-from auth, anyway. Now my cellphone-provider account is security critical, rather than my installation-of-a-secure-client-I-control. This is some protection against mass attacks on Twitter, but I use a long, unique, random string as my passphrase, so I'm not too worried about that.
Kind of sucks that Twitter has such light security compared to FB/Google/AWS. I guess they're substantially smaller, but this wouldn't be that hard for 1-2 good engineers to get right. If it weren't for the stupidity where Google/Apple/Twitter/Facebook/Amazon/etc. think they're at war with each other, this seems like something they'd be better off partnering/outsourcing.
If I had an app with the mobile client reach of Twitter, I'd use it as an opportunity to become a security/auth provider (using a public key scheme), though.