Hide Two-Step Authentication "Secret" code after setting it up

space42

New member
Joined
Oct 18, 2021
Messages
3
Shouldn't the "Secret" code from the two-step authentication be hidden after you set it up on your phone/totp device? If its always visible there someone could copy your code just by looking at that page.
 
Shouldn't the "Secret" code from the two-step authentication be hidden after you set it up on your phone/totp device? If its always visible there someone could copy your code just by looking at that page.

I don't think it is necessary as the secret code from 2 step authentication probably will be invalid within few seconds.
 
I don't think it is necessary as the secret code from 2 step authentication probably will be invalid within few seconds.
I'm actually talking about is the Secret that is used to generate the code you use to login:
AdGy0Te.png


If anyone else manages to get this code (even by looking at your screen), they can use it to generate the same codes your phone is generating. Of course, they would still need to know your password to access your account, but I don't see the point in showing the secret there after you already set it up on your device.
 
after you set it up on your phone/totp device?

OK, I misunderstood your question because you said 'after' setting up (like we use the 6 digits code to log in)

EDIT:

You are right, I think the field should not be there
 
Last edited:
Back
Top