Jump to content

Affinity Security

Svendus Panorama
 Share

Recommended Posts

Svendus Panorama

Svendus Panorama

Posted
Posted (edited)

Hi  i hate to say this but  Affinity are doing the same mistake as  the Google account team does

Sending the Two-step verification code to the account E-mail and not to OTP (One Time Password) via SMS (short message service)  to Smartphone are not Safe!

This is very important and Apple do this from the start on iCloud

Please read more on my blog: Svendus Blog a Blog about Panorama

Note: Over 700,000 passwords have been leaked lately on the internet recently in Sweden

Kindly Regards Svendus

Edited by Svendus Panorama
clearyfiing
Dan C

Dan C

Posted
Posted

Hi @Svendus Panorama,

Welcome to the Affinity Forums :)

Under Account Settings in the dropdown menu from your username in the top right corner of the Forums, in the Security and Privacy section, you can set the Affinity Forums to use the Google Authenticator app -

image.png

Having this set on your account will instead require a OTP from the Google Authenticator app on your trusted device, and will not email the required OTP to you.

I hope this helps!

Svendus Panorama

Svendus Panorama

Posted
  • Author
Posted
2 minutes ago, Dan C said:

Hi @Svendus Panorama,

Welcome to the Affinity Forums :)

Under Account Settings in the dropdown menu from your username in the top right corner of the Forums, in the Security and Privacy section, you can set the Affinity Forums to use the Google Authenticator app -

image.png

Having this set on your account will instead require a OTP from the Google Authenticator app on your trusted device, and will not email the required OTP to you.

I hope this helps!

Thank You we shall take a look at this i Think OTP (OneTime Password) should be standard

i had to learn this the hard way and it is actually very few in my age that has any clue about Google Authenticator app

 

Komatös

Komatös

Posted
Posted

It would be more secure with a passkey instead of passwords and OTP.

MAC mini M4 | MacOS Sequoia 15.5 | 16 GB RAM | 256 GB SSD 
AMD Ryzen 7 5700X | Sapphire Nitro+ RX 9060 XT 16 GB  | 32 GB DDR4 3200MHz | Windows 11 Pro 24H2 (26100.4351)

Windows 11 Pro on VMWare Virtual Machine (on Mac)
Affinity Suite V 2.6.3 & Beta 2.6 (latest)
Interested in a free (selfhosted) PDF Solution? Have a look at Stirling PDF

No backup, no pity.

fde101

fde101

Posted
Posted

We log into the forums using an email address, meaning we all have one, making it the least common denominator for this functionality, and better than nothing.

That said, email itself is not particularly secure, so I agree that other options are definitely preferable when available, where this is of significant concern.

It is unrealistic to expect that many sites will support 3rd party authentication devices at this stage of the game, and SMS support is not always free to offer support for.

While cell phone companies have traditionally allowed you to email a message that gets delivered as an SMS, many of them have started pulling back on support for this, and the address you send the messages to is formed differently for different people even on the same provider in some cases, making using these services challenging and somewhat hit-or-miss.

Other SMS offerings are usually at a cost, which not all companies will want to pay when offering free accounts to a publicly accessible forum (meaning an unbounded number of SMS messages may need to be sent, thus a cost which is not controlled and which they may not be able to recoup).

Offering support for signing in using a Google account appears to be free, and allows support for Google Authenticator if enabled for the account, so that is probably one of the more realistic options that many sites would be able to offer as an improvement over emailed codes.

Svendus Panorama

Svendus Panorama

Posted
  • Author
Posted

Apple has OTP as standard but not Affinity and your Google Account 

Most sites as Firefox, Paypal and so on uses OTP as optional

We are talking about a hacked E-mail that the Hacker has full control off 

Regards Svendus

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.