K
Kirby
Guest
This is most likely "Working as designed" but in the case the design is questionable
TFA is meant to protect the account (and sensitive data within it), but unfortunately emai TFA displays the following message when triggered:
In case of an unauthorized access to the account (by an attacker that only has username and password) this leaks the users email address - effectively...
Read more
Continue reading...
TFA is meant to protect the account (and sensitive data within it), but unfortunately emai TFA displays the following message when triggered:
An email has been sent to <b>{email}</b> with a single-use code. Please enter that code to continue.
Click to expand...
In case of an unauthorized access to the account (by an attacker that only has username and password) this leaks the users email address - effectively...
Read more
Continue reading...