2FA doesn't stop phishing unless it's WebAuthn. But SendGrid, which is owned by ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		agwa 1 day ago \| parent \| context \| favorite \| on: SendGrid isn’t emailing about ICE or BLM – it’s a ... 2FA doesn't stop phishing unless it's WebAuthn. But SendGrid, which is owned by Twilio, only supports 2FA based on SMS or the Authy App (which is also made by Twilio): https://www.twilio.com/docs/sendgrid/ui/account-and-settings... It seems like Twilio has a conflict of interest that prevents them from offering WebAuthn, as that would be a tacit admission that their SMS and Authy products are not actually that secure.

Terretta 1 day ago [–]

rich irony that twilio numbers don't qualify to receive SMS codes when senders check if it's a virtual number (the regulated aka important ones do check)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact