LDS Auth should require your phone to be unlocked to autorize

Church Account is the primary user account (user name and password) for accessing online Church resources. Church Account was formerly known as LDS Account. This forum is a space to discuss all things related to Church Accounts (registration, account recovery, user experience, vulnerabilities, etc.).
Post Reply
CWSpear
New Member
Posts: 2
Joined: Mon Oct 10, 2016 8:27 pm

LDS Auth should require your phone to be unlocked to autorize

#1

Post by CWSpear »

Currently, the Android version of the LDS Auth app allows you confirm you log in, even when the phone is locked. The push notification has you just respond "Yes" or "No" to the authorization request, and those notifications (complete with the Yes/No options) is available on the lock screen.

Part of the security with 2FA (two-factor authorization) apps is not just that it requires you to have that 2nd device, but also to have authorized access to that device. Other 2FA apps are able to do this, and it'd be nice of the LDS Auth app did, too, for increased security.

Phone: Pixel 2
OS version: Android 8.1.0
App version: 1.2.0.0
Post Reply

Return to “Church Account”