by briHass 1642 days ago
The thing I don't understand is why some OTP systems have started issuing 7-digit codes via text/email (e.g. Sendgrid). I have to imagine Sendgrid is competent enough to lock out the account after a few failed OTPs and/or limit the duration a code is valid, so I don't understand the need for the extra digit. It makes mental chunking harder, and is nothing but security theater if the above two checks are in place.