Thanks! I know what you mean - at the same time, I think you’ll do it anyway if the product you’re signing into is interesting enough. After all WIP uses email based auth (plus some annoying telegram linking step)
I suppose email auth is a trade off between security and convenience. At least in the case of this product, an attacker that compromises a website using simple otp (or even simple otp itself) wouldn’t get any passwords. Just make sure your email password is secure heh
Thanks! I know what you mean - at the same time, I think you’ll do it anyway if the product you’re signing into is interesting enough. After all WIP uses email based auth (plus some annoying telegram linking step)
I suppose email auth is a trade off between security and convenience. At least in the case of this product, an attacker that compromises a website using simple otp (or even simple otp itself) wouldn’t get any passwords. Just make sure your email password is secure heh