how to change back to email/password login from the One Time Login code

​@Jane I am using the Password-App on iOS/macOS, so logging in to Strava was always secure – and I have a terribly long password! With the new login procedure the use of a password manager no longer fills in automatically my email-adress. If the browser window is to small I cannot even scroll to “login with password”. That’s so annoying and bad user experience.

Please return to the old login process. You can leave an option for those who want those login codes (and want to open their email-app, look for the email, copy the code, paste it into the Strava-Website … do you get it? It takes ways longer)! BTW, I tried it and NEVER receiced an email. Even the spam-folder was empty. So it even does not work!

This issue has been ignored for long enough and it really is time for someone at Strava to take a grown-up decision and to back-out the change which delivered OTC.

As a subscriber, I expect at the very minimum to be given the curtesy of consenting with an option to reject a change with this impact, not just having it imposed on me.

If I allowed dev and support to deliver user impacting changes like this with no warning and no comms in my company, people would lose their jobs...

I talked to the servicedesk and they reset my password again. I got a link from them to reset my password so its changed again for me….. so contact the helpdesk !!

I talked to the servicedesk and they reset my password again. I got a link from them to reset my password so its changed again for me….. so contact the helpdesk !!

​​​​​​​

Yep, I accidentally activated OTC and hate it. need to get back to password method.

What if someone loses access to their email?

Before switching to OTC’s, a user effectively had two authenticators: their password (primary) and their email (secondary). If they lost access to their primary authenticator (e.g. they forgot/lost their password), they could use their secondary authenticator (email) to reset their password. If they lost access to their secondary authenticator (e.g. email account was compromised and taken over by an attacker), they could log in with their primary authenticator (password) and change their email address.

After switching to OTC’s, a user has only one authenticator: their email. So if they lose access to their email, they no longer have any way to login to Strava.

This is the nature of authentication: if you require one authenticator to login, you need second authenticator to be able to self service the first.

This OTC feature has been implemented incorrectly. It should not remove the ability to login with a password. It should be a option to use OTC (email) as the primary authenticator, while keeping the password as a secondary authenticator. That way, when access to email is lost, the user can login with their password instead, and then change their email address.

I understand the desire to move away from passwords (they are a very poor form of authenticator), but switching them off without replacing them with another authenticator is not the way to do it. By doing that, you effectively remove the ability for users to self-service their accounts when they are unable to use their primary authenticator. To remove passwords, you need to provide an alternate authenticator. This could be Passkeys, TOTP, SMS, etc.

And to be clear, the way this has been implemented does not mean that email is being introduced as an authenticator to replace passwords. When we used passwords, we already had email as an authenticator. We used it as a secondary authenticator to reset our primary authenticator (password). What we didn’t have previously was the ability to use email as the primary authenticator. We now have the ability to use email as the primary authenticator, but passwords have been taken away, so we have lost one authenticator, and are now relying on a single authenticator (email). And if we lose access to our email, it’s bye bye Strava.

I too enables OTC by mistake and want to switch back.  STRAVA:  It would be so much easier for us and cheaper for you if you provided an option in setting instead of us having to call your service desk,  Please do it!

Same. The gave you no option. I want to go back also to password. 

​@Jane why are Strava ignoring the requests of the community. The emailing of the OTC is taking far too long and simply not an answer for the many of us that use password managers as they are intended to be used. What is the real back story here about why Strava have imposed this change. A company who doesn’t listen to its users, however good their product, will lose this customers as they always have a choice

please speak to your product development team and get this ridiculous restriction fixed

simon