The Member Tools site can have MFA enabled, using TOTP (authenticator app): awesome.
But Webmail lacks any sort of added security. This would seem to be a significant security hole, for anyone who actually uses their Sonic email for other internet services. (Password gets compromised; malicious actor requests password reset email for other site; then can access that pw reset link for other site.)
I wonder if the folks at Sonic have any plans to add MFA (please not merely, insecurely, SMS-based) to the webmail service? Or, even a way for a user to turn off webmail access to their email account…
But Webmail lacks any sort of added security. This would seem to be a significant security hole, for anyone who actually uses their Sonic email for other internet services. (Password gets compromised; malicious actor requests password reset email for other site; then can access that pw reset link for other site.)
I wonder if the folks at Sonic have any plans to add MFA (please not merely, insecurely, SMS-based) to the webmail service? Or, even a way for a user to turn off webmail access to their email account…