X-Git-Url: https://git.ralfj.de/web.git/blobdiff_plain/a2b4d5631c785cbeb25e5ccbd0bddfc63106e7de..13b151012fadb1034d0747212555e31cab80f9cd:/personal/_posts/2020-07-24-outlook.com-considered-harmful.md diff --git a/personal/_posts/2020-07-24-outlook.com-considered-harmful.md b/personal/_posts/2020-07-24-outlook.com-considered-harmful.md index eced515..5f98259 100644 --- a/personal/_posts/2020-07-24-outlook.com-considered-harmful.md +++ b/personal/_posts/2020-07-24-outlook.com-considered-harmful.md @@ -58,7 +58,7 @@ They say "+" is an invalid character, which of course is just plain wrong.) I am not sure what "activity" they have detected while I was not using my account for a month (yes I used a strong password); maybe that on its own is already violating their ToS. Subsequently, they insist on me giving them my mobile phone number. -Needless to say, that is an entirely unacceptable request; my phone number is a way too sensible piece of personal information (comparable to my physical mail addresses) for me to share it with Microsoft. +Needless to say, that is an entirely unacceptable request; my phone number is a too sensitive piece of personal information (comparable to my physical mail addresses) for me to share it with Microsoft. Better stay away from Azure CI if you care about such matters. Given the lack of proper security for text messages, this process is also unsuited to establish account security; if that was really their interest, they would insist on setting up two-factor authentication via some standard [OTP protocol](https://en.wikipedia.org/wiki/One-time_password#Standardization).