Compared to login, MITM on registration means the culprit knows the IP address and the time of the registration, which is usually significant on claiming the account back.
I don't have a spare number to test, but I'm pretty sure entering a phone number in the web sends a SMS code. Do you have concrete evidence that it really doesn't work?
Compared to login, MITM on registration means the culprit knows the IP address and the time of the registration, which is usually significant on claiming the account back.
I don't have a spare number to test, but I'm pretty sure entering a phone number in the web sends a SMS code. Do you have concrete evidence that it really doesn't work?
Unfortunetly not, I must test it also.