8 – How to send email verification link with webform?

I am using a webform for anonymous users (logging in is not an option). Once a webform is submitted, I want to send out an e-mail asking to click on a confirmation link. Only once this link is clicked, I want to take further actions (i.e. trigger an email handler or change the status of the webform). How can I achieve this or something similar?

openid – domain ownership verification in OIDC

I am building an application where we want to allow our users to sign in using their own IDPs, and we’re using okta.

We don’t want our users to have to:

  • Create all their organization users manually
  • Be dependent on SCIM (or any other synchronization)
  • Maintain many users that most of them will probably not use our system

Since our user ids are email addresses and all of our customers are enterprises, we want to map domains to IDPs.

Meaning that if example.com is a customer of ours, then all email addresses like alice@example.com or bob@example.com should be handled by their IDP. the thing is we want to make sure that they own the domain example.com before adding their IDP to our discovery logic.

We were thinking about doing a DNS validation using a TXT record, but we aren’t sure that this is the correct practice for this.

So finally my questions are:

  1. Is there a common practice for this?
  2. Are there downsides to the DNS record validation method?
  3. Are there any caveats we should be aware of? should we re-validate the ownership periodically?

solution verification – Annuity & Perpetuity problem

Suppose Joe has been paying $600$ from his monthly salary at the end of every month for the past $n$ years. After $n$ years of payments, he retires having purchased a perpetuity-due plan that begins right away, which gets him a continuous supply of annual salary payments at the start of each year. If $i>0$ is the underlying annual effective interest rate for all growth, and we know that $(1 + i)^n = 10.894481$, $a_{n, i}^{(12)} = 7.568285$, and $ddot{a}_{infty, i} = 8.884259$, what is the yearly pension Joe receives?

My attempt:

Let $X$ be the yearly pension payments.

First, notice the fact that $n$ is a yearly amount whereas Joe makes monthly payments. Moreover, these monthly payments are at the end of each month so we have an annuity-immediate.

Using the information we are given we can extract actual values:

$$ddot{a}_{infty, i} = frac{1}{d} implies d = frac{1}{8.884259}$$

$$i = frac{1}{1-d} – 1 = frac{1}{1-frac{1}{8.884259}} – 1 = 0.127$$

$$(1 + 0.127)^n = 10.894481 implies n = 20 (years)$$

$$a_{n, i}^{(12)} = a_{n, i} cdot frac{i}{i^{(12)}} = frac{1-v^n}{i} cdot frac{i}{i^{(12)}} = frac{1-v^n}{i^{(12)}} implies i^{(12)} = 0.12$$

, where $d$ is the discount rate and $i^{(12)}$ is the nominal yearly rate.

Now the future value of the annuity immediate with $240$ monthly payments is

$$F = 600 S_{240, frac{i^{(12)}}{12}} = 600frac{(1 + 0.12/12)^240 – 1}{0.12/12} = 593624.68$$

The present value of the perpetuity due is

$$P = Xcdot ddot{a}_{infty, i} = Xcdot 8.884259$$

The future value and present value should be equal

$$8.884259X = 593624.68 implies X = 66817.58$$

Is this correct? I did a lot of research but I am not sure if this is how to approach this problem. Any assistance is much appreciated.

nt.number theory – Verification of Improved constants in Brun-Titchmarsh theorem

For $q,a$ relatively prime, let $pi(x,q,a)$ denote the number of primes less than $x$ which are congruent to $a$ modulo $q$. The Brun-Titchmarsh theorem states that $$pi(x,q,a)leq frac{(2+o(1))x}{phi(q)log(x/q)}$$ for all $q<x$.

Set $theta=frac{log q}{log x}$. The Brun-Titchmarsh theorem may be rewritten as $$pi(x,q,a)leq(C(theta)+o(1)) frac{x}{phi(q)log x},$$ where $C(theta)=frac{2}{1-theta}$. Depending on the range of $theta$, there have been improved bounds on $C(theta).$ Fouvry, Theorem 3 proved the following bounds:
fouvry

However, the paper is written in a language unfamiliar to me. Baker-Harman corrected Fouvry’s bounds till $theta=5/7$ in their paper. I want to know if larger bounds on $C(theta)$ were correctly proved in Fouvry. Thanks in advance.

one time password – Does TOTP make sense for verification codes?

You probably could, but it doesn’t make much sense. Email and even SMS can take long enough to reach people – even people who are explicitly checking for the message – that you’d need to check the last few minutes of codes, which broadens the range of allowable values and slightly increases the risk of an attacker guessing/brute-forcing the code. Meanwhile, the whole point of TOTP – that the generator and the verifier don’t need to have any communication channel and only need two common pieces of info (the key and the clock) – is moot here.

Instead, just generate a short code using a cryptographically secure (pseudo)random number generator and send it to the recipient, plus store it (possibly in hashed form) briefly. You can use a database, or just store it in RAM or a cache if that won’t pose problems due to load balancing, etc. That way there’s only one valid value, you can revoke it immediately any time you want to (e.g. once it’s used, once it’s expired, or if you detect multiple failed attempts), and there’s no persistent secret (the TOTP key) that can be stolen by an attacker to enable generating all future codes too. You can also easily make changes to your codes – change their character set, their length, the way they’re generated, etc – any time it feels important.


As a side note, if your site/service has any highly sensitive data – payment info, sensitive PII, etc. – please do not use anything SMS-based as a sole authentication factor. SMS is not very secure, and also mobile phone operators are notoriously bad at verifying your identity before re-issuing your SIM card (or otherwise transferring your number) so possession of a given phone number is not strong proof of identity. Even US government guidelines (which are in many cases behind the times) say you need to offer alternatives to SMS and explain to users that choosing SMS for authentication (assuming you offer it at all) is taking a risk. SMS is acceptable – though still not ideal – as a second factor for authentication, most commonly in combination with a memorized identifier (password/PIN).

one time password – Gmail recovery . There is 2 step verification and google send code to same Gmail

one time password – Gmail recovery . There is 2 step verification and google send code to same Gmail – Information Security Stack Exchange

solution verification – What is wrong with my proof about the power series of reciprocal multifactorials?

The proof I’ve attempted mimics very closely the answer on this question.

How to prove the formula for the Reciprocal Multifactorial constant?

Pre-requisite definitions:

  • A multifactorial of order $k in mathbb{N}$ is defined for $n in mathbb{N}_0$ as $n!underbrace{cdots!}_text{k times}=n(n-k)(n-2k)cdots$
    and $0!underbrace{cdots!}_text{k times}=1$
  • $text{B}(x, y)=int_0^1 t^{x-1}(1-t)^{y-1} dt$
  • $gamma (a, x) = int_0^x t^{a-1} e^{-t}$

Here is what I have done,

$begin{align*}
m_x(k)&=sum_{n=0}^{infty}frac{x^n}{n!_{(k)}}=1+sum_{r=1}^{k}sum_{q=0}^{infty}frac{x^{kq+r}}{(kq+r)underbrace{!dots!}_{text{k times}}}\
&=1+sum_{r=1}^ksum_{q=0}^inftyfrac{x^{kq+r}}{k^{q+1}q!}mathrm{B}left(frac rk,q+1right)\
&=1+sum_{r=1}^ksum_{q=0}^inftyfrac{x^{kq+r}}{k^{q+1}q!}int_0^1 t^{r/k-1}(1-t)^q,dt\
&=1+sum_{r=1}^ksum_{q=0}^inftyfrac{x^{kq}x^r}{k k^{q}q!}int_0^1 t^{r/k-1}(1-t)^q,dt\
&=1+frac1ksum_{r=1}^kint_0^1 x^r t^{r/k-1}sum_{q=0}^inftyfrac{1}{q!}left(x^kfrac{1-t}{k}right)^q dt\
&=1+frac1ksum_{r=1}^kint_0^1 x^r t^{r/k-1}e^{(x^k-x^k t)/k},dt\
&text{Now we substitute, }t=kx^{1-k}, dt=(1 – k) k x^{-k}\
&=1+frac1ksum_{r=1}^kint_0^{x^k/k} x^r (kx^{1-k})^{r/k-1}e^{(x^k-x^k kx^{1-k})/k}((1 – k) k x^{-k})
dx\
&=1+frac{e^{x^k/k}}{k}sum_{r=1}^kint_0^{x^k/k} x^r (kx^{1-k})^{r/k-1}e^{(-x^k kx^{1-k})/k}((1 – k) k x^{-k})
dx\
&=1+frac{e^{x^k/k}}{k}sum_{r=1}^kint_0^{x^k/k} (1-k) (e^{-x}) k^{r/k} x^{r/k – 1} dx\
&=1+frac{e^{x^k/k}}{k}sum_{r=1}^k (1-k)k^{r/k} int_0^{x^k/k} x^{r/k – 1} e^{-x} dx\
&=1+frac{e^{x^k/k}}{k}sum_{r=1}^k (1-k)k^{r/k} gamma left (frac{r}{k}, frac{x^k}{k} right)\
end{align*}$

However, this final answer appears to be completely wrong. I’m not sure if there’s just some bad arithmetic mistake.

I have tried verifying it using some computations in Mathematica (by comparing it with the summation definition described in the first line of the proof). But the two answers are way off.

I think the actual answer must be of the following form,

$$m_x(k)=1+frac{e^{x^k/k}}{k}sum_{r=1}^{k}k^{r/k}gammaleft ( frac{r}{k}, frac{x^k}{k} right )$$

Computed values for this expression perfectly coincide with the values computed with the summation definition.

Thanks for any and all help!

PS: I have already read a similar question Evaluating the power series of the multifactorial reciprocal $sum_{n=0}^infty frac{x^n}{n!!…!!}$.
But the method of proof is completely different.

What causes Time Machine to perform a non-manual verification?

What causes Time Machine to perform a non-manual verification? – Ask Different

real analysis – Proof verification (basic calculus)

Let $tin(0,1)$, $c>0$ an arbitrary constant and $a_n$ a positive real sequence such that $a_ntoinfty$ as $ntoinfty$. I want to show that for every $n$ large enough there is $c’>0$, arbitrarily large, such that
$$t^{c a_n}leq a_n^{-c’}.$$

My proof

The following equivalence holds $$t^{c a_n}leq a_n^{-c’}iff ca_nln tleq -c’ln a_niff -cfrac{a_n}{ln a_n}ln tgeq c’.$$

As $a_n/ln a_ntoinfty$, we can always take $-cln tgeq c’$ for $n$ large enough so that $a_n/ln a_ngeq 1$ (hence, this $c’$ does not depend on $n$). More importantly, $c’$ can be made arbitrarily large by choosing $c$ large enough.

Can you give me feedbacks about my proof? Is it logically correct?

Thanks in advance.

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123