The real problem is not having a (trusted) way of seeing what you are consenting to by entering a TOTP (which can be phished).
SMS-OTP, with all its downsides, allows attaching a message of who you're paying how much to the actual code.
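The difference described in this comment, as an added example that is not part of the original comment: a TOTP check never sees the payment details, while a per-payment code is issued for one payee and amount and travels with a message naming them. The class names, payees and amounts are constructed, and modelling SMS-OTP as a server-issued single-use code per payment is an assumption about the issuer.

```python
import hashlib, hmac, secrets, struct

def totp(secret, now, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1): a function of the secret and the clock only."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)

class TotpVerifier:
    """Constructed model: payee and amount never enter the check."""
    def __init__(self, secret):
        self.secret = secret

    def authorize(self, payee, amount, code, now):
        # The code says nothing about what is being authorized.
        return hmac.compare_digest(code, totp(self.secret, now))

class SmsOtpVerifier:
    """Constructed model: one random code per payment, sent with its details."""
    def __init__(self):
        self.pending = {}  # txn_id -> (code, payee, amount)

    def start_payment(self, payee, amount):
        txn_id = secrets.token_hex(8)
        code = f"{secrets.randbelow(10 ** 6):06d}"
        self.pending[txn_id] = (code, payee, amount)
        # The message is what lets the user see what the code consents to.
        sms = f"Code {code}: pay {amount} to {payee}"
        return txn_id, code, sms

    def confirm(self, txn_id, code):
        """Return the (payee, amount) fixed at issue time, or None."""
        issued = self.pending.pop(txn_id, None)  # single use, even on failure
        if issued is None or not hmac.compare_digest(issued[0], code):
            return None
        return issued[1], issued[2]

if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 6238 test secret
    t = TotpVerifier(secret)
    code = totp(secret, 59)
    print("TOTP accepted for 10 -> Alice:", t.authorize("Alice", 10, code, 59))
    print("same code for 5000 -> Bob:   ", t.authorize("Bob", 5000, code, 59))
    s = SmsOtpVerifier()
    txn, code, sms = s.start_payment("Bob", 5000)
    print("SMS shown to user:", sms)
    print("confirmed:", s.confirm(txn, code))
```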