Disney+ Hotstar’s Forced Migration to SMS-Based OTP Login Leaves Some Users in the Lurch

No more sign-ups with email, and no OTPs on email either. Why though?

Disney+ Hotstar’s Forced Migration to SMS-Based OTP Login Leaves Some Users in the Lurch

Photo Credit: Akhil Arora/Gadgets 360

  • Subscribers locked out of accounts that have been sold on dark web
  • Changing Disney+ Hotstar phone number requires proof of purchase
  • SMS-based OTP is not as secure as email- or app-based ones

Disney+ Hotstar users are having trouble logging in with forced migration from email login to SMS-based OTP only. In late February, Disney+ Hotstar — then just Hotstar — began moving its existing subscribers from email addresses to phone numbers to log in. The streaming service reportedly took this step to tighten security, as future login attempts would require a one-time password (OTP) sent to the mobile in question. This takes Disney+ Hotstar a step ahead of Netflix, which doesn't offer any two-factor authentication method as yet. And then, in a further push in April, Disney+ Hotstar disabled the option to sign up with an email address, or login with an email address if a phone number was also registered to your account. Unfortunately, this has resulted in a series of avoidable consequences.

Some Disney+ Hotstar subscribers are reporting that they can't log into the service because the accounts are associated with phone numbers unknown to them. Gadgets 360 has learnt that this is because their Disney+ Hotstar account credentials have been compromised via emailed phishing schemes, fake websites, modded APKs, or password reuse. The last of those happens when you use the same password across websites. These credentials have since been circulating on publicly accessible websites and the dark web. This was a secondary reason cited internally to transition to SMS-based OTP logins.

Now, you can change the phone number associated with your Disney+ Hotstar account. Unfortunately, you'll have to deal with Disney+ Hotstar's customer support team on Twitter to do this. Subscribers can't change the number on their own, though Disney+ Hotstar hopes to work on this feature “soon”. To get the number changed, you'll need to present your purchase invoice of Disney+ Hotstar, be it the Google Play or iTunes receipt, or a statement from your bank. Users aren't too pleased about this, as you'd think, but customers can redact everything on bank statements, minus the name, phone number, and the Disney+ Hotstar transaction.

It's not clear why Disney+ Hotstar didn't just allow subscribers to receive OTPs on their existing email address, as some have demanded. Moreover, the service transitioned users away from a working login method without informing them either by email or by sending a notification.

If it's user security that Disney+ Hotstar is truly worried about here, then you'd think it would consider moving to an app-based two-factor authentication (2FA) system, as is offered by Amazon Prime Video. Experts have shown that SMS-based OTPs are vulnerable. This could occur via fraudulent apps installed on the user device, or on the network end, since text messages aren't encrypted by default and are stored in plain text en route. The least it could've done was offer OTPs on email, which is arguably safer than SMS, and it's annoying that Disney+ Hotstar can't — or rather, won't.

But if it helps, you can still log into existing Disney+ Hotstar accounts with your email address, if you haven't linked a phone number yet. Now we wait till that becomes mandatory someday.

Can Netflix force Bollywood to reinvent itself? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS. You can also download the episode or just hit the play button below.


For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Akhil Arora covers entertainment for Gadgets 360, interviewing stars such as Christian Bale and Anurag Kashyap, covering series premieres, product and service launches across the globe, and looking at American blockbusters and Indian dramas from a global socio-political and feminist perspective. As a Rotten Tomatoes-certified film critic, Akhil has reviewed over 150 movies and TV shows in over half a decade at Gadgets 360. When he is not completely caught up with new film and TV releases, Akhil ...More
Realme X3 Super Zoom, Realme X3, Realme TV Surface on Realme India Support Page
Samsung Finance+ Service for Buying Galaxy Phones Can Now Being Availed at Home

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment




© Copyright Red Pixels Ventures Limited 2022. All rights reserved.