When signing in to your account, you will be required to verify your identity using a One-Time Password (OTP) sent to your email. This added layer of security ensures that only you can access your account.
Follow the steps below to complete the verification process.
Step-by-Step Guide to Signing In with OTP
1. Initiate Sign-In
Enter your registered email address and password on the sign-in page.
Click the Sign In button. You will get a message:
2. Check Your Email for the OTP
A one-time password (OTP) will be sent to your registered email.
Open your email inbox and locate the message from us.
If you don’t see the email within a few minutes, check your Spam or Junk folder.
3. Enter the OTP
Return to the sign-in page and enter the six-digit OTP exactly as shown in the email.
Click Verify OTP to proceed.
4. Successful Verification
If the OTP is correct, you will be signed in to your account.
If incorrect, you may be prompted to re-enter the OTP or request a new one.
Troubleshooting Tips
OTP not received? Check your spam folder, ensure your email inbox isn’t full, and confirm that you entered the correct email address.
OTP expired? OTPs are time-sensitive, usually valid for a few minutes. If expired, request a new one by clicking Resend OTP.
Incorrect OTP? Double-check for typos and ensure you’re entering the latest OTP sent to your email.
Need More Help?
If you continue to experience issues, contact our support team for further assistance.
Interested to Learn More? Here's Why We Verify by Email OTP
OTP (one-time password) authentication is widely used for security, but email-based OTP is generally more secure than SMS-based OTP for several reasons:
Vulnerability to SIM Swapping
SMS OTPs are highly vulnerable to SIM swapping attacks, where a hacker convinces the mobile carrier to transfer a victim’s number to a new SIM. Once they control the number, they can receive OTPs and access accounts.
Email OTPs are not affected by SIM swapping unless the attacker also gains access to the email account.
Intercepting SMS Messages
Hackers can intercept SMS OTPs using SS7 (Signaling System No. 7) attacks. This exploit allows attackers to reroute messages to their own devices.
Certain malware (trojans) can read incoming SMS OTPs and forward them to attackers. Email OTPs, when protected by strong passwords and multi-factor authentication (MFA) in your email provider, are much harder to intercept.
Phishing Attacks
SMS-based OTPs can be easily phished via social engineering attacks where users are tricked into revealing OTPs.
While email OTPs can also be phished, securing the email account with multi-factor authentication (MFA) makes phishing attacks significantly harder.
Lack of Encryption in SMS
SMS is not encrypted end-to-end. Mobile carriers and attackers using intercepting tools can read OTPs. However, most modern email services use TLS encryption to secure emails in transit. Additionally, users can enable end-to-end encryption (PGP, S/MIME) for added protection.
Phone Number Recycling Risks
If a mobile number is deactivated and reassigned, the new owner can receive OTPs meant for the previous user.
Email addresses are less likely to be reassigned and usually require multiple verification steps to recover.
Long Story Short:
Major email providers (e.g., Gmail, Outlook) offer multi-factor authentication, suspicious login detection, and recovery options.
SMS OTPs rely solely on mobile carrier security, which is weaker and often exploited.