Jump to content
THESE FORUMS ARE READ-ONLY: Please Read Me ×
THESE FORUMS ARE READ-ONLY: Please Read Me

Affinity Security

Svendus Panorama
 Share

Recommended Posts

Svendus Panorama

Svendus Panorama

Posted
Posted (edited)

Hi  i hate to say this but  Affinity are doing the same mistake as  the Google account team does

Sending the Two-step verification code to the account E-mail and not to OTP (One Time Password) via SMS (short message service)  to Smartphone are not Safe!

This is very important and Apple do this from the start on iCloud

Please read more on my blog: Svendus Blog a Blog about Panorama

Note: Over 700,000 passwords have been leaked lately on the internet recently in Sweden

Kindly Regards Svendus

Edited by Svendus Panorama
clearyfiing
Dan C

Dan C

Posted
Posted

Hi @Svendus Panorama,

Welcome to the Affinity Forums :)

Under Account Settings in the dropdown menu from your username in the top right corner of the Forums, in the Security and Privacy section, you can set the Affinity Forums to use the Google Authenticator app -

image.png

Having this set on your account will instead require a OTP from the Google Authenticator app on your trusted device, and will not email the required OTP to you.

I hope this helps!

Svendus Panorama

Svendus Panorama

Posted
  • Author
Posted
2 minutes ago, Dan C said:

Hi @Svendus Panorama,

Welcome to the Affinity Forums :)

Under Account Settings in the dropdown menu from your username in the top right corner of the Forums, in the Security and Privacy section, you can set the Affinity Forums to use the Google Authenticator app -

image.png

Having this set on your account will instead require a OTP from the Google Authenticator app on your trusted device, and will not email the required OTP to you.

I hope this helps!

Thank You we shall take a look at this i Think OTP (OneTime Password) should be standard

i had to learn this the hard way and it is actually very few in my age that has any clue about Google Authenticator app

 

Komatös

Komatös

Posted
Posted

It would be more secure with a passkey instead of passwords and OTP.

MAC mini M4 | MacOS 26.0.1 (Tahoe) | 16 GB RAM | 256 GB SSD 
AMD Ryzen 7 9700X | Sapphire Nitro+ RX 9060 XT 16 GB  | 32 GB DDR5 6000 MT/s | Windows 11 Pro 25H2 (26100.6584)
Windows 11 Pro on VMWare Virtual Machine (on Mac)
Affinity Suite V 2.6.4

Don't waste my thoughts with useless ideas!

Svendus Panorama

Svendus Panorama

Posted
  • Author
Posted (edited)

Yes but OTP are better than nothing out off the box to SMS

how many of your friends do you think find it necessary to buy a security Key

Edited by Svendus Panorama
spelling
fde101

fde101

Posted
Posted

We log into the forums using an email address, meaning we all have one, making it the least common denominator for this functionality, and better than nothing.

That said, email itself is not particularly secure, so I agree that other options are definitely preferable when available, where this is of significant concern.

It is unrealistic to expect that many sites will support 3rd party authentication devices at this stage of the game, and SMS support is not always free to offer support for.

While cell phone companies have traditionally allowed you to email a message that gets delivered as an SMS, many of them have started pulling back on support for this, and the address you send the messages to is formed differently for different people even on the same provider in some cases, making using these services challenging and somewhat hit-or-miss.

Other SMS offerings are usually at a cost, which not all companies will want to pay when offering free accounts to a publicly accessible forum (meaning an unbounded number of SMS messages may need to be sent, thus a cost which is not controlled and which they may not be able to recoup).

Offering support for signing in using a Google account appears to be free, and allows support for Google Authenticator if enabled for the account, so that is probably one of the more realistic options that many sites would be able to offer as an improvement over emailed codes.

Svendus Panorama

Svendus Panorama

Posted
  • Author
Posted

Apple has OTP as standard but not Affinity and your Google Account 

Most sites as Firefox, Paypal and so on uses OTP as optional

We are talking about a hacked E-mail that the Hacker has full control off 

Regards Svendus

 Share
Go to topic listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.