Just got email saying my CC was expiring, and I had to sign in in order to update it.
So I went to do so, only to discover sonic had enabled 2FA on my account without doing, you know, basic verification that it works.
As a result I can't sign in to my own account, because of a poorly implemented security feature.
I have never encountered a situation where any organization thought that it was acceptable to enable 2FA without verification, and the idea that something like a service provider would do so is appalling, especially when they don't offer a 24 hour phone line I can call and provide answers to the standard easily google-able and repeatedly leaked information that every other company asks.
In what world is "I am literally replying to the billing email you sent me as the account owner" a less accurate indicator of my identity than "what is your dog's name? what is your spouse's name? what is a pile of other things that literally everyone can find at this point?".
Also to add to the absolute idiocy of this: I was able to sign into the forums with my non-trivial random password without a problem.
So I went to do so, only to discover sonic had enabled 2FA on my account without doing, you know, basic verification that it works.
As a result I can't sign in to my own account, because of a poorly implemented security feature.
I have never encountered a situation where any organization thought that it was acceptable to enable 2FA without verification, and the idea that something like a service provider would do so is appalling, especially when they don't offer a 24 hour phone line I can call and provide answers to the standard easily google-able and repeatedly leaked information that every other company asks.
In what world is "I am literally replying to the billing email you sent me as the account owner" a less accurate indicator of my identity than "what is your dog's name? what is your spouse's name? what is a pile of other things that literally everyone can find at this point?".
Also to add to the absolute idiocy of this: I was able to sign into the forums with my non-trivial random password without a problem.