Pengesahan Dua Saluran
Dua OTP berbeza dihantar melalui e-mel dan SMS. Kod mempunyai tempoh sah, had percubaan dan hanya boleh digunakan sekali.
Keselamatan Data
LegacyReady menggabungkan pengesahan identiti, persetujuan pemilik, penyimpanan peribadi dan semakan manusia untuk mengawal perjalanan maklumat.
Kawalan Berlapis
Setiap lapisan mempunyai tujuan khusus untuk mengurangkan akses tanpa kebenaran dan penyalahgunaan.
Dua OTP berbeza dihantar melalui e-mel dan SMS. Kod mempunyai tempoh sah, had percubaan dan hanya boleh digunakan sekali.
Hanya penerima yang direkodkan dan dipilih oleh pemilik boleh memulakan proses permohonan laporan.
Pautan QR menggunakan tandatangan sistem dan versi token. Pemilik boleh menjana semula atau menyahaktifkan kad pada bila-bila masa.
Sesi pengguna mempunyai tempoh tamat, ID sesi diperbaharui selepas pengesahan dan borang sensitif dilindungi dengan token CSRF.
Medan arahan menyekat kata laluan, PIN, OTP, token dan recovery phrase bagi mengurangkan penyimpanan rahsia akses.
Maklumat tidak dilepaskan secara automatik. Setiap permohonan perlu disemak sebelum melalui tempoh menunggu.
Laporan dihantar melalui e-mel, manakala kata laluan rawak dihantar secara berasingan melalui SMS kepada penerima.
Aktiviti penting direkodkan dan permintaan berulang dikenakan had untuk mengurangkan percubaan automatik atau penyalahgunaan.
Prinsip Data Minimum
LegacyReady merekodkan lokasi dan arahan rujukan, bukan rahsia untuk mengakses akaun.
Pelepasan Terkawal
Tiada sistem boleh menjamin keselamatan mutlak. Pengguna mesti memastikan maklumat hubungan sentiasa tepat, melindungi OTP dan tidak memasukkan rahsia sensitif.
Data Security
LegacyReady combines identity verification, owner consent, private storage and human review to control how information moves through the system.
Layered Controls
Each layer has a specific purpose in reducing unauthorised access and misuse.
Two different OTPs are delivered through email and SMS. Codes expire, have attempt limits and may be used only once.
Only a recipient recorded and appointed by the owner may start a report application.
The QR link uses a system signature and token version. The owner may regenerate or revoke the card at any time.
User sessions expire, session IDs are renewed after authentication and sensitive forms are protected by CSRF tokens.
Instruction fields reject passwords, PINs, OTPs, tokens and recovery phrases to reduce the storage of access secrets.
Information is not released automatically. Every application must be reviewed before entering a waiting period.
The report is delivered by email while its randomly generated password is sent separately to the recipient by SMS.
Important activity is recorded and repeated requests are rate-limited to reduce automated attempts and misuse.
Data Minimisation
LegacyReady records locations and reference instructions, not the secrets used to access accounts.
Controlled Release
No system can guarantee absolute security. Users must keep contact information accurate, protect their OTPs and avoid entering sensitive secrets.