11
abcdev
7y

Me : Yeah dude, totally. I support Right To Privacy.
Also Me : To get OTP filled automatically, i need to ask Recieve Sms Permission from user. Also to send them, too.

😂😂😂😂

Comments
  • 1
    Please give them as much privacy as possible ;w;
    Just ask Google or Facebook/Whatsapp/Instagram for our data, lol
  • 1
    If you're filling in OTP automatically, you're doing it wrong.
  • 1
    @globalvariable well, There are many things i feel is not okay. But we have to do what our Project manager asks. We are just a pawn in this game. If we will not do it, then some one else will.
  • 3
    @abcdev Depending on your position in the company, you could still let your objection be heard.

    PMs often choose what's easy because they have no clue about security/privacy.

    The very least you can do is say: I get that you want to do this from a business perspective, but please realize it has these security issues. I'll gladly build it, but I do want you to have the full picture.
  • 1
    @bittersweet That is awesome advice. Well done!
  • 1
    @abcdev
    Was talking of this issue in another post and well, if you want the app to be as user-friendly as possible I think is the way to go. Though I'm not aware of the risk.

    @globalvariable
    Why is it bad to fill in OTP automatically?
  • 0
  • 0
    @globalvariable
    Is it really that bad?
    I know very little of OTP authentication mechanisms but many widespread apps do fetch the code automatically so I assume it is to some extent secure.
    Would you explain your point?
Add Comment