SMS OTP is like being in a library and someone shouting "Hey Johnny, say 123456" to prove you are you. And having everyone in the library being able to hear you. The only security in SMS is that most of the time, the library is empty.
Otp SMS in the Philippines is problematic due to phone number recirculation. If a person doesn't use the phone for let's say 3 months. The prepaid provider disables the sim and recirculates the number in the market. Now the new Owner will receive the otp. This is where national ID really shines though. Really ensures one legit identity per account.
And once again the chrome dev channel thaught me something new. It's the first time I hear about the web OTP API even though I've implemented a few otp logins (more like registration confirmation otps). This is really valuable and will be integrated in my future work. Thank you!!!
Why there is no code samples here? The speaker tells "what" sms-otp is about, but doesn't share any useful info about "how" sms-otp can be implemented in our projects. No code samples (backend + frontend). This is bad. Talking is cheap.
While providing OTP. You can sent information why that OTP is used. For example if someone hacking my 10 lakhs amount and asking OTP from me. If I get message like this OTP to withdraw 10 lakhs from my account. So the reason for the OTP message will give us more security.
SMS OTP is like being in a library and someone shouting "Hey Johnny, say 123456" to prove you are you.
And having everyone in the library being able to hear you.
The only security in SMS is that most of the time, the library is empty.
5:08 is a nice trick.
I can't wait to see email OTP (because, you know, email is kind of you primal identity on the web).
Otp SMS in the Philippines is problematic due to phone number recirculation. If a person doesn't use the phone for let's say 3 months. The prepaid provider disables the sim and recirculates the number in the market. Now the new Owner will receive the otp. This is where national ID really shines though. Really ensures one legit identity per account.
And once again the chrome dev channel thaught me something new. It's the first time I hear about the web OTP API even though I've implemented a few otp logins (more like registration confirmation otps).
This is really valuable and will be integrated in my future work. Thank you!!!
Hi, can you please help me with the verification otp systems?
Why there is no code samples here? The speaker tells "what" sms-otp is about, but doesn't share any useful info about "how" sms-otp can be implemented in our projects. No code samples (backend + frontend). This is bad. Talking is cheap.
Firebase Phone Authentication should shift to this format of OTP message
Will the WebOtp API be available for email too? It sure is useful, but SMS is terrible.
Fabulous !!👍🏻
what if we have 6 smaller square input box to receive otp
I am not getting otp in my registered mobile number during login in chrome
While providing OTP. You can sent information why that OTP is used. For example if someone hacking my 10 lakhs amount and asking OTP from me. If I get message like this OTP to withdraw 10 lakhs from my account. So the reason for the OTP message will give us more security.
Can somebody tell me how to implement in angular with typescript ?
acronym soup in the title, good for those looking for the specific concept bad for broader audience.
Is SMS a way to harass people to don't have a cell phone?
SMS does not work on a land line or IP phone
AbhayRai
There are so many case of OTP scam in Indonesia, OTP should be used only as 2 step verification, IMHO
@@ColinRichardson i mean otp as the 2nd verification, Gojek and Grab here only use OTP for login (1st verification)