Thank you for highlighting this. We will try and optimise for this particular password manager to ensure a seamless login experience.
@encore A TOTP-based solution is something that we do not intend to introduce as a login method due to various vulnerabilities and possibilities of automating the same, especially via third-party applications.
This issue can be solved easily by having a single textbox instead of having one box for one digit.
I know it looks cool this way, but a textbox of the same size can also be made to look cool. And it will be easier on auto-fill tools like Bitwarden and LastPass.
Also, I do not agree that TOTP is vulnerable. If it were vulnerable, Google, Cloudflare, Oracle Cloud and hundreds of other platforms would not use it. They have definitely done more security study than Dhan did.
Why not give a TOTP option and let users decide if they want to activate it or not? (like Upstox does)
TOTP can be easily automated using libraries like PyOTP. If you search for ‘TOTP automation’, you can easily get YouTube videos for almost all platforms who use TOTP for login which can be automated.
At Dhan, we are extremely cautious about the access and privacy of users. This is the reason for not allowing third-party TOTP-based login.