Installed Steam on a new computer. Signed in. It sent a passcode to my GMail. I signed into GMail. It wanted me to 2FA because I hadn’t signed into Google on that device. It sent a notification to my phone, which I never received. I had it resend the notification twice, still nothing. Tried again with my phone’s offline passcodes. Neither worked. Tried the QR code/Bluetooth connection, and that finally did it.

At least I got through in the end, but fuck, it’s annoying.

  • edge [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    28
    ·
    edit-2
    1 day ago

    A phone number requirement is to stop people from making a bunch of accounts. Emails are free and unlimited, but phone numbers mostly cost money and like you said they have some way to know which numbers come from free voip services.

    Of course phone numbers are also more closely linked to your private identity, as they usually have to be in your or someone close to you’s name. So that makes data gathering easier and makes it easier for feds to snoop on your shit if they really wanted (Discord will comply ofc).

    • quarrk [he/him]@hexbear.net
      link
      fedilink
      English
      arrow-up
      5
      ·
      24 hours ago

      VoIP is not supported for 2FA by some institutions like banks because it may be less secure than a conventional phone line, since it is connected to the internet. In practice, I think SMS is insecure regardless whether it is over the internet or phone line, but in any case that is why VoIP is not fully supported.

      • edge [he/him]@hexbear.net
        link
        fedilink
        English
        arrow-up
        1
        ·
        14 hours ago

        SMS is very unsecure but companies use it. I think that’s what Discord uses on sign up, but they don’t allow free numbers like Google Voice.

    • hello_hello [comrade/them]@hexbear.net
      link
      fedilink
      English
      arrow-up
      14
      ·
      1 day ago

      Discord doesn’t even have to comply, there’s zero E2EE in any part of the network, anyone can snoop in on it if they get any level of access to chat logs.

      I wonder why Discord is known for being home to predators.

      • edge [he/him]@hexbear.net
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        14 hours ago

        There’s still TLS, so even without end to end encryption of the messages, the only parties that should be able to see the contents are you, the recipient(s), and Discord. So either Discord has to willingly give over the messages, or a larger data breach of Discord has to happen.