SMS OTP is like being in a library and someone shouting "Hey Johnny, say 123456" to prove you are you. And having everyone in the library being able to hear you. The only security in SMS is that most of the time, the library is empty.

5:08 is a nice trick. I can't wait to see email OTP (because, you know, email is kind of you primal identity on the web).

Otp SMS in the Philippines is problematic due to phone number recirculation. If a person doesn't use the phone for let's say 3 months. The prepaid provider disables the sim and recirculates the number in the market. Now the new Owner will receive the otp. This is where national ID really shines though. Really ensures one legit identity per account.

Will the WebOtp API be available for email too? It sure is useful, but SMS is terrible.

what if we have 6 smaller square input box to receive otp

Firebase Phone Authentication should shift to this format of OTP message

I am not getting otp in my registered mobile number during login in chrome

Fabulous !!👍🏻

Can somebody tell me how to implement in angular with typescript ?

While providing OTP. You can sent information why that OTP is used. For example if someone hacking my 10 lakhs amount and asking OTP from me. If I get message like this OTP to withdraw 10 lakhs from my account. So the reason for the OTP message will give us more security.

And once again the chrome dev channel thaught me something new. It's the first time I hear about the web OTP API even though I've implemented a few otp logins (more like registration confirmation otps). This is really valuable and will be integrated in my future work. Thank you!!!

Why there is no code samples here? The speaker tells "what" sms-otp is about, but doesn't share any useful info about "how" sms-otp can be implemented in our projects. No code samples (backend + frontend). This is bad. Talking is cheap.

SMS does not work on a land line or IP phone

Is SMS a way to harass people to don't have a cell phone?

acronym soup in the title, good for those looking for the specific concept bad for broader audience.

There are so many case of OTP scam in Indonesia, OTP should be used only as 2 step verification, IMHO

AbhayRai