Does that contradict what I said? Sure, HTTP 1 is still widely used, but without TLS you can’t use anything else.
For SMS we don’t have a choice, but if you configure your own web server you do have a choice.
Comment on How to selfhost with a VPN
N0x0n@lemmy.ml 6 days agoIn addition to that, without a secure connection you’re stuck with HTTP/1.1
That’s not entirely true. A lot of requests, even with https, are send over HTTP/1.1. And this is kinda mind blowing that in 2025 we still rely on something so old and insecure…
Same goes with SMS and the old SS7 protocol from 1970… 2FA SMS is probably the most insecure way to get access to your bank account or what ever service promotes 2FA sms login.
SMillerNL@lemmy.world 6 days ago
falynns@lemmy.world 6 days ago
I can’t believe SMS is still used for anything but sure OTP sent in text makes sure my account is secure Mr Bank.