Login to the Rabbit Hole with one-time password (OTP) or/and passkeys only

In 2024, I think it should be standard that cloud-based services that are able to collect and analyze vast amounts of possibly very, very personal and private data should support at least two-factor authentication such as one-time password (OTP) or/and passkeys, because the best IT security is useless if that is exactly what is missing.

Passwords are not state of the art and a company as progressive as Rabbit should know this and set it up as soon as possible so that access to the Rabbit Hole is only possible with at least two-factor authentication.

Alternatively, as an interim solution, I think it would be OK if there was a “delete all” button in the rabbit hole that could delete all data recorded with r1 for the entire period at once. This should be quickly achievable with a short SQL query or whatever database language is in use. From a data protection and security perspective, it would also be advisable if data in the database were not just marked for deletion as is usual in most cases, but were actually physically deleted, provided that this is permitted by law.

If you need any technical support, please feel free to ask me, I will be happy to help as best I can out of my own interest as a user and r1 holder. :heart: @rabbit

3 Likes

This might be interesting and important in this context. @rabbit

Probably the best way would be if you could manage it, you could use something like that or alternatively maybe some authenticator apps on your smartphone or something like that. @rabbit

That is certainly also very interesting. So that this can become a reality as quickly as possible, just like r1. :heart: @rabbit

1 Like

This might also be of interest:

https://developers.yubico.com/Passkeys/Passkey_workshop.html