I would say that (option 2) sending a verification code is more secure as users will have to input their verification code before the verification is complete, particularly if this is part of login ( 2 step verification). This will largely depend on what the verification entails in terms of user access. I want to know which is one better approach from usability point view and security point of view (my preference is for security). Send deep link + verification code in the email so that when user click on deep link automatically mobile app will get launched with the verification page being open where user can type in (or copy+paste) the verification code Send verification code in the email which user can enter on "verify account" page in mobile app Send the verification link to the user provided email address If user's email address is confirmed then he can use all options otherwise user is restricted to certain options. I want to confirm the user's email address before giving him full access to the application. For registration, the user's email address and password is required. Now using the register API, the mobile app can register the user. The mobile application uses those APIs to get data from the web application. The mobile application integrates with my existing web application (I have developed APIs for it). I agree that option #2 seems to add a bit of overhead however my priority is for security. It would be great if you could provide your views for the above-mentioned approach. Sending confirmation link on the user provided email address, by clicking this link a new page will open showing user account confirmation message.Īnother approach is instead of providing confirmation link, provide user with the verification code in the email, let's say number 12345 is verification code, then user will read this number and enter it on the Confirmation page. I have a similar question I can think of two approaches for confirming email address: I see there are number of questions available there about approach for confirming email address with pretty good answers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |