Svendus Panorama Posted February 6 Share Posted February 6 (edited) Hi i hate to say this but Affinity are doing the same mistake as the Google account team does Sending the Two-step verification code to the account E-mail and not to OTP (One Time Password) via SMS (short message service) to Smartphone are not Safe! This is very important and Apple do this from the start on iCloud Please read more on my blog: Svendus Blog a Blog about Panorama Note: Over 700,000 passwords have been leaked lately on the internet recently in Sweden Kindly Regards Svendus Edited February 6 by Svendus Panorama clearyfiing Quote Link to comment Share on other sites More sharing options...
Svendus Panorama Posted February 6 Author Share Posted February 6 SMS (short message service) are safer it is Hardware that the Hacker normally can not use OTP (One Time Password) to the same E-mail are not safe att all 😖 Quote Link to comment Share on other sites More sharing options...
Dan C Posted February 6 Share Posted February 6 Hi @Svendus Panorama, Welcome to the Affinity Forums Under Account Settings in the dropdown menu from your username in the top right corner of the Forums, in the Security and Privacy section, you can set the Affinity Forums to use the Google Authenticator app - Having this set on your account will instead require a OTP from the Google Authenticator app on your trusted device, and will not email the required OTP to you. I hope this helps! Svendus Panorama 1 Quote Link to comment Share on other sites More sharing options...
Svendus Panorama Posted February 6 Author Share Posted February 6 2 minutes ago, Dan C said: Hi @Svendus Panorama, Welcome to the Affinity Forums Under Account Settings in the dropdown menu from your username in the top right corner of the Forums, in the Security and Privacy section, you can set the Affinity Forums to use the Google Authenticator app - Having this set on your account will instead require a OTP from the Google Authenticator app on your trusted device, and will not email the required OTP to you. I hope this helps! Thank You we shall take a look at this i Think OTP (OneTime Password) should be standard i had to learn this the hard way and it is actually very few in my age that has any clue about Google Authenticator app Quote Link to comment Share on other sites More sharing options...
Svendus Panorama Posted February 6 Author Share Posted February 6 @Dan C the Google Authenticator app seems only to function on my two Google accounts ❓ Quote Link to comment Share on other sites More sharing options...
Komatös Posted February 6 Share Posted February 6 It would be more secure with a passkey instead of passwords and OTP. Quote AMD Ryzen 7 5700X | INTEL Arc A770 LE 16 GB | 32 GB DDR4 3200MHz | Windows 11 Pro 24H2 (26100.2161) Affinity Suite V 2.5.5 & Beta 2.6 (latest) Interested in a free (selfhosted) PDF Solution? Have a look at Stirling PDF I am not old, I have matured like a good scotch! Link to comment Share on other sites More sharing options...
Svendus Panorama Posted February 7 Author Share Posted February 7 (edited) Yes but OTP are better than nothing out off the box to SMS how many of your friends do you think find it necessary to buy a security Key ❓ Edited February 7 by Svendus Panorama spelling Quote Link to comment Share on other sites More sharing options...
fde101 Posted February 7 Share Posted February 7 We log into the forums using an email address, meaning we all have one, making it the least common denominator for this functionality, and better than nothing. That said, email itself is not particularly secure, so I agree that other options are definitely preferable when available, where this is of significant concern. It is unrealistic to expect that many sites will support 3rd party authentication devices at this stage of the game, and SMS support is not always free to offer support for. While cell phone companies have traditionally allowed you to email a message that gets delivered as an SMS, many of them have started pulling back on support for this, and the address you send the messages to is formed differently for different people even on the same provider in some cases, making using these services challenging and somewhat hit-or-miss. Other SMS offerings are usually at a cost, which not all companies will want to pay when offering free accounts to a publicly accessible forum (meaning an unbounded number of SMS messages may need to be sent, thus a cost which is not controlled and which they may not be able to recoup). Offering support for signing in using a Google account appears to be free, and allows support for Google Authenticator if enabled for the account, so that is probably one of the more realistic options that many sites would be able to offer as an improvement over emailed codes. Quote Link to comment Share on other sites More sharing options...
Svendus Panorama Posted February 7 Author Share Posted February 7 Apple has OTP as standard but not Affinity and your Google Account Most sites as Firefox, Paypal and so on uses OTP as optional We are talking about a hacked E-mail that the Hacker has full control off Regards Svendus Quote Link to comment Share on other sites More sharing options...
Dan C Posted February 8 Share Posted February 8 On 2/6/2024 at 4:43 PM, Svendus Panorama said: @Dan C the Google Authenticator app seems only to function on my two Google accounts ❓ That's to be expected and is controlled by Google, you can find out more regarding this here - https://support.google.com/accounts/answer/1066447?hl=en&co=GENIE.Platform%3DAndroid Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.