from Hacker News

Falsehoods Programmers Believe About Phone Numbers

by umitkaanusta on 7/7/24, 4:56 PM with 8 comments

  • by chmod775 on 7/7/24, 10:13 PM

    Just today a delivery service wanted to send an SMS to validate my phone number, so I was forced to use a mobile phone number rather than landline. Landline often makes more sense, because usually they'd call to reach someone in the household the item is being delivered to, not a specific person. Other delivery services require a landline number, which sucks for people who don't have one.

    Some services limit you to one account per phone number. Not only are there 5 numbers that route to my card (probably common given that this was a local provider's standard offering some time ago), once I even got a one-time token for some account a previous owner of a number was apparently trying to reset. It helpfully informed me which service it was for, so I could have likely used the fact that I now control that number to take over their account.

    Using phone numbers for 2FA/account resets is worse than e-mail, even ignoring the fact how vulnerable telephone networks are to spoofing/intercepts.

  • by simonblack on 7/7/24, 10:33 PM

    The "Falsehoods Programmers Believe about ..." series is well worth reading every six months or so.

    Invariably you forget one of the pitfalls.

    The things that annoys me about "Falsehoods Programmers Believe about Email Addresses" is that one person can have several email addresses, or use one email address for several different uses, so using an email address as a login to a website account can get really, really messy.

  • by LatticeAnimal on 7/7/24, 9:19 PM

    > In New Zealand, non-urgent traffic incidents can be reported by calling *555 from a mobile phone. Alpha characters may also be used in phone numbers, such as in 1-800-Flowers.

    Is this true? Do carriers actually accept [a-zA-Z] in their phone numbers? (if so, how are they encoded?). I couldn't find any reference to this elsewhere.

    I had assumed that advertisement-numbers like `1-800-Flowers` had to be translated by a person when they entered the number on their phone via their keypad.

  • by BugsJustFindMe on 7/7/24, 10:26 PM

    1-800-FLOWERS is not a phone number. The phone number is 1-800-356-9377. FLOWERS is just a mnemonic device called a phone word (https://en.wikipedia.org/wiki/Phoneword).

    Maybe the document should be called falsehoods programmers believe about what people will provide when asked for their phone number.