I know you said leave 2fa out, but there's no reason we can't make the phone a 2fa device, and do 2fa with it semi-transparently to the user. Is there?
On 1 September 2014 19:39, Martin Albisetti <[email protected]> wrote: > So, iCloud was hacked somehow. I haven't seen any details as to how, > but reading about people panicked and confused on twitter led me to a > tweet[1] that said: > > "Of course people pick terrible iCloud passwords. You can't enter a > good password 50x per week on a mobile device. You'll go carpal." > > Which makes perfect sense. We have the same problem, we have a single > sign on system, which is great for some things, but given the > introduction of the phone with a touch-screen keyboard and mandatory > password re-entry on app purchasing as well as new influx of users who > create their account for the first time on the phone, people will tend > to pick less secure passwords. > > Leaving aside 2FA as the answer, as it's clearly not widely adopted > (for its complexity?), what can we do to make this a bit better in our > platform? > Can we confirm purchases and other tasks that are frequently used > somehow differently than with the account password, and encourage > (and/or force) better passwords for the general account? > > To try and reduce the scope of the discussion, I'm mostly looking for > proposals that would be implementable in the short or mid term, rather > than changes that would require 6 or more months to implement across > the platform (which we may need to, but I wouldn't want to start off > that discussion here and now). > > > Any other ideas? > > > > thanks! > > > [1] https://twitter.com/matthew_d_green/status/506427220546826240 > -- > Martin > > -- > Mailing list: https://launchpad.net/~ubuntu-phone > Post to : [email protected] > Unsubscribe : https://launchpad.net/~ubuntu-phone > More help : https://help.launchpad.net/ListHelp -- Mailing list: https://launchpad.net/~ubuntu-phone Post to : [email protected] Unsubscribe : https://launchpad.net/~ubuntu-phone More help : https://help.launchpad.net/ListHelp
