So. I had a Yahoo! mail account.<p>A half-hour ago, I attempted to log into it. It's a long-neglected thing, something I care about on a roughly 12-18 month basis. Gave CmdrTaco well-wishes through it once, back when it was merited, otherwise it largely collected spam and served as my Slashdot contact if I forgot my password.<p>After attempting to log into my Yahoo! account tonight, after what must be ten+ years of my account's existence, I now receive this: "Traveling somewhere new?", and a link to a hidden e-mail address where a code can be sent to verify, well, me.<p>I remember my username and password. But, and this might be super-archaic, I also remember a time when this was sufficient to give me access to my account. I haven't a clue where b<i></i><i></i><i>@p</i><i></i><i></i>.net is. I've suspicion it was an 11+ year old redirect to an ISP email address I haven't had for 11+ years, and it is of no use to me that I can send a code to it in lieu of them allowing me to log in with, you know, the actual credentials I have and have supplied to them when creating the account.<p>I post this whining to Hacker News for this: please, don't chase an idea so far that you lose sight of your users' actual needs. In this case, 2-factor only matters if I can be counted on to know both factors.