Hacker News
by oceanplexian 1479 days ago
While you're technically correct, any authentication system worth its salt would ideally see the same user trying to authenticate from two different locations and prompt the second user for another factor of authentication (email, etc.). And since TOTP expires, it's not like they could sit on the token and use it later.

The OTP is already a second form of authentication. An email link would be a third form. I never saw that when I used Authenticator.

Anyway, the user would likely still click the link in the email since they are trying to log in.