Before implementing SRP, our authentication flow relied on email verification.
The general inconvenience of waiting for emails aside, this flow also had the potential to lock out customers who were using Ente Auth to store their email's 2FA credentials. So it was important that we fixed this.
Once OPAQUE becomes more mainstream, we will very likely adopt it.
The general inconvenience of waiting for emails aside, this flow also had the potential to lock out customers who were using Ente Auth to store their email's 2FA credentials. So it was important that we fixed this.
Once OPAQUE becomes more mainstream, we will very likely adopt it.