Me : Yeah dude, totally. I support Right To Privacy.
Also Me : To get OTP filled automatically, i need to ask Recieve Sms Permission from user. Also to send them, too.

😂😂😂😂

Please give them as much privacy as possible ;w;
Just ask Google or Facebook/Whatsapp/Instagram for our data, lol

If you're filling in OTP automatically, you're doing it wrong.

@globalvariable well, There are many things i feel is not okay. But we have to do what our Project manager asks. We are just a pawn in this game. If we will not do it, then some one else will.

@abcdev Depending on your position in the company, you could still let your objection be heard.

PMs often choose what's easy because they have no clue about security/privacy.

The very least you can do is say: I get that you want to do this from a business perspective, but please realize it has these security issues. I'll gladly build it, but I do want you to have the full picture.

@bittersweet That is awesome advice. Well done!

@abcdev
Was talking of this issue in another post and well, if you want the app to be as user-friendly as possible I think is the way to go. Though I'm not aware of the risk.

@globalvariable
Why is it bad to fill in OTP automatically?

@Balzy holy shit

@globalvariable
Is it really that bad?
I know very little of OTP authentication mechanisms but many widespread apps do fetch the code automatically so I assume it is to some extent secure.
Would you explain your point?