Privacy technologiesfromArs Technica2 weeks agoMillions of people imperiled through sign-in links sent by SMSSMS authentication links with guessable or long-lived tokens expose millions to account takeover, identity theft, and data exposure.