Closed DotaFSS closed 9 months ago
zubrRB
commented
9 months ago Адрес электронный почты донора также требуется для активации VPN на устройствах других пользователей, что в результате приводило к попыткам взлома личного кабинета донора, массовому спаму о таких попытках на почтовый ящик, его полному удалению, отказу от купленной лицензии и использования приложения.
KolbasovAnton
commented
9 months ago @DotaFSS @zubrRB Greetings! Which way of authorization would suit you?
DotaFSS
commented
9 months ago @DotaFSS @zubrRB Greetings! Which way of authorization would suit you?
Hi! Generate random id for each account and require password more then 18 charaters includes a combination of symbols, numbers, and upper- and lowercase letters or other ascii, etc. And TOTP as 2fa and whith out TOTP user must have no possibility for create accounts.
Only id+password+TOTP=Account. After this user can generate random codes for others devices in created account.
KolbasovAnton
commented
9 months ago Thank You, we'll keep this idea in mind! But we do not envisage reworking the authorization process in the near future.
Issue Details
Adguard team still require email address for accounts. This is not safety and serious threat for anonymity.
Proposed solution
Adguard team should to stop require email address for creating accounts and for already existing accounts. And for already existing accounts give opportunity for removing e mail address.
Alternative solution
No response