If I create a secondary email address, so as not to pass on the main logdates, it does not help anyone who is on security. Because if you log in with the secondary email address (only possible with the password of the main email address), the “user” can change all the authorizations of the profile despite other email address and above all take on the profile.
Interestingly, there is also the same security settings for all users if set. So now secure the account with 2 factor. All keys end up on a device that may not even be the secondary.
It only becomes much more interesting here XDDD
The password for all secondary email addresses is simply that of the main user.
So now you can go into the settings, look through the users and simply use the same password instead of test1@test.com (secondary) simply test@test.com (main user) and then change the profile and steal, for example. No wait, you can do everything as a secondary user.
OK. Joking aside. What is behind it?
Should that be? What is the option of adding further email addresses? This does not really make much sense that secondary email addresses (users) can take over the profile.
Perhaps there should be something like a small authorization system, which, for example, enables other team members of a project to buy for the project at Tebex so that the goods can be assigned directly to the key. So you don’t always have to buy something and then transfer it to the actual target recipient.
Or?
Otherwise nice thing
(Unfortunately, for data protection reasons, no screenshot can be sent. Also hope that this message in this area is okay and permitted.)