At 15:02 2016-12-17, mbsoftwaresolutions@mbsoftwaresolutions.com wrote:
On 2016-12-16 18:19, Alan Bourke wrote:
Two factor authentication. Everyone's doing it.
Is that two though? Isn't the phone confirmation just 1-factor? He didn't enter a password on the computer (and I don't think this is listed as a 'trusted/safe' device).
Borrow your stepson's phone and find out.
If possession of the phone is enough, that is a nasty vulnerability.
I do not have a cell phone myself. I rarely need the functionality. I occasionally borrow someone's to make a call. Who would be willing to if it means I could get into his Yahoo! account?
Sincerely,
Gene Wirchenko