I share a lot of internet accounts (Netflix, prime etc.) with my friends and family, and recently have been in OTP (one-time-password) hell. I built Auto-OTP to securely send and receive OTPs from people I trust.
This is mostly meant as a beta release so please do check it out and share your feedback :)
1. Receive otp 2. Launch automation which posts entire message content to url 3. Broadcast message to other people in my circle.
It works fine so long as my OTPs arrive correctly.
I have a question about your method - Are all messages broadcasted to the server? If only the ones with an OTP, are OTP messages for all apps broadcasted to those people?
In Auto-OTP, the OTP can be forwarded to different people app-wise. For example, you may choose who should receive the OTP for app1, who receives for app2 etc.
With this Shortcut her information is posted to a url, iOS requires the user to click okay to execute the action. So, you still have control on whether a message gets broadcast or not.
E.g., if a friend messages me asking “hey, did you get the OTP?”, my shortcut will prompt me to broadcast the SMS via the url but I can choose not to.
I clearly am not the target audience as I've never forwarded an OTP... but I'm curious what other people are doing that makes this needed.
The primary use case is for multiple people wanting to access an account that is behind 2FA.
Example of such folks are - 1) My dad wanting to access my bank account details without having to trouble me 2) Me wanting to login to my brother’s OTT accounts (hotstar, prime etc.) 3) CAs needing bank access for small business owners
> The security model doesn’t instill a lot of confidence in me, being that you expect user-interaction as a means of security.
Could you please elaborate on what this means?
