Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Demo OTP matches the actual OTP sent during account creation #32

Open
latifniz opened this issue Dec 21, 2024 · 0 comments
Open

Demo OTP matches the actual OTP sent during account creation #32

latifniz opened this issue Dec 21, 2024 · 0 comments

Comments

@latifniz
Copy link

Problem
During account creation, an OTP is sent to the user's email. Simultaneously, a demo OTP is pre-filled in the OTP field for demonstration purposes. However, the demo OTP matches the actual OTP sent to the user's email, compromising the purpose of an OTP as a secure, unique verification code.

Expected Behavior
The demo OTP displayed in the field should differ from the actual OTP sent to the user's email to ensure security and prevent unintended auto-verification.

Steps to Reproduce
Start the account creation process by entering an email address.
Check the email for the OTP sent by the system.
Observe that the OTP field is pre-filled with a demo OTP identical to the one sent to the email.
Proposed Solution
Generate a unique demo OTP that is clearly marked as an example and does not match the actual OTP sent.
Ensure the demo OTP is used only for visual guidance and cannot be used for account verification.
I have tried 3 times. it's same

pehchan_opt
pehchan_email_recvied_otp
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@latifniz