Should every website send you an email when you login?

1 points by bawana ↗ HN
Two factor authentication (where google, yahoo,etc) send you a text with a secret code for you to login is a bit of a pain. I would rather have a 'log' of my logins whereever I go in my email. Obviously if I see an access I do not remember (time or IP) then I know something's up. Is this a reasonable strategy/request for better security?

1 comment

[ 2.3 ms ] story [ 16.4 ms ] thread
I would not want my inbox flooded with notifications every time I log into a site (I would probably just make a rule to put them in the trash, which would defeat the purpose). Gmail has pretty good system where it notifies me every time I login from a device that I haven't used to login to gmail before. Since most of the time I am checking Gmail from the same two devices I rarely get these notifications. It is nice to know that this security is there, I would quickly realize if someone else was trying to login to my account.