This is really bad even just from the perspective of user behavior. Training people to scan QR codes from anything that looks like a captcha box is HORRIBLE for security.
“Thanks for scanning the code, just one more step! Please input your phone number, and type in the code you receive.”
And the phone number thing is already happening too. Google, discord and probably other stuff already ask for a phone number to prove you are a human when they flag your account.
This is really bad even just from the perspective of user behavior. Training people to scan QR codes from anything that looks like a captcha box is HORRIBLE for security.
“Thanks for scanning the code, just one more step! Please input your phone number, and type in the code you receive.”
Boom, account stolen.
It’s almost like they don’t really care about your security…
And the phone number thing is already happening too. Google, discord and probably other stuff already ask for a phone number to prove you are a human when they flag your account.