Need Better Way to Secure OTP


I need help with a better method for security. One of the customers for this app said he could view the OTP in JSON when entering the wrong password.


That’s my current conditional, and I did notice that another Bubble coach taught the same method. What’s the best way to set this up?

Wait, forgot I could set up a privacy rule so the user can’t see their own data. All good!


For some reason, the “last2fa” showing up now in the debugger. The 2fa should not be showing. It was working (hidden) before but maybe it’s not consistent? Should I report this as a bug or is there a better way to go about this?