While several Indian Marvel fans explore the mystical world of WandaVision, they may have noticed something else while logging into Disney Plus Hotstar. The streaming service has begun to phase out login verification passwords, allowing users to log in via a one-time SMS-based password. New and old users must link their mobile number to sign up for Disney Plus Hotstar.
This is not entirely new for Disney Plus Hotstar. As reported by Gadgets 360 in May 2020, many users were forced to log in via OTP from SMS, because login with email addresses was disabled. But now, after almost a year, it is mandatory.
At the time, some users found it annoying because they no longer had access to their own Premium account. Disney Plus Hotstar subscribers reported their accounts were randomly associated with unknown contact numbersMany users’ account information had been compromised through a fake website, email phishing schemes, password reuse, or modified APKs.
Last year, the only way to fix this was to contact Disney Plus Hotstar support to change the contact number. Fast forward to 2021, Disney Plus Hotstar has made SMS-based OTP mandatory to log in regardless of when you signed up for the service.
Why is Disney Plus Hotstar replacing passwords with OTP?
Multiple users have previously complained about hacking their accounts. According to a report by MedianamaHas Disney Plus Hotstar responded to such complaints by saying, “We have seen a trend where email users with shared accounts, weak / common passwords, or compromised systems are targeted by hackers.” The streaming site added, “We had launched phone number / OTP login only and log out of all device features that provide more security.”
It is quite common for subscribers to reuse their passwords for many other accounts. When one of these accounts is hacked, all other accounts are also compromised. While this is a fair response, it cannot be true of every subscriber complaint.
We’ve reached out to Disney Plus Hotstar for a response and we will update this story as soon as we receive a response.
Who else uses SMS?
With the arrival of UPI in India, many of us have stopped using SMS, even for online transactions. All of our SMS inboxes are usually filled with spam. Not only is SMS-based OTP outdated, it’s also not as secure as you might think. Since text messages are not encrypted, they can be easily compromised
A much safer alternative is to send OTP via email or even a confirmation email, similar to the email new users get to verify their account. In addition, Disney Plus Hotstar can warn users to change their password periodically and explain the cybersecurity threats associated with using the same password for a long time.
For now, Disney Plus Hotstar subscribers will require an SMS-based OTP when logging in via email or Facebook.