It doesn’t matter that the code changes, each guess has a 1/1000000 chance of be... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tinus_hn on Sept 3, 2021 \| parent \| context \| favorite \| on: Gift card gang extracts cash from 100k inboxes dai... It doesn’t matter that the code changes, each guess has a 1/1000000 chance of being the right code. Yes you can’t guarantee you’ll find the code in 1000000 tries, but you still only need to do half of that to have 50% chance of a match.

foxpurple on Sept 4, 2021 [–]

If someone attempts 500,000 failed 2FA attempts on an account, I think its safe to lock that account/take extra steps.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact