Please answer.

[Jinxiu]

I would like to ask for help from someone more experienced in the openbullet field. Here are my questions: Many websites now require mobile phone or email verification in addition to account password when logging in. Does this mean that openbullet has fewer usage scenarios? Are there other technical means to solve this problem?      
Best regards

[Jigga88]

Hey! Great questions.

Yeah, you're right....more and more sites are requiring mobile phone or email verification (2FA/MFA), which definitely limits what OpenBullet can do in those cases. It doesn’t make OB useless, but it does reduce the number of targets you can hit effectively unless you're working with custom setups.

There *are* some ways around it, like:

* Grabbing and reusing session tokens or cookies if you already have access
* Exploiting weak or unprotected API endpoints (if they skip 2FA checks)
* Some advanced setups use SMS/email intercepts, OTP forwarders, or automated solvers—but these are not always reliable, and they can get into shady/legal grey areas.

So yeah, it’s not impossible, but it’s getting tougher. OB is still useful if you're targeting platforms that don’t enforce 2FA or if you’re testing your own setups for security.

Let me know if you want help with configs or bypass ideas.