no timer for sms code after sending to app on other device

[ilyapashuk]

when I try to log in, I get message about code sent to telegram app on my other device.

but nothing about sms code

[ilyapashuk]

do you know any working feedback channels to official telegram developers

[Aokromes]

this issue belongs to https://bugs.telegram.org

[baptx]

@YosefSinger @ilyapashuk it is possible to receive an SMS code using a third-party desktop app like Kotatogram, mentioned here by @Aokromes: telegramdesktop/tdesktop#16153

Here is the issue to upvote: https://bugs.telegram.org/c/4239
Other related issue to upvote: https://bugs.telegram.org/c/858

I noticed that logging in using an SMS code gives access to all messages, which is a very weak security used by Telegram since SMS codes can be intercepted (it looks like Telegram messages are saved on the server unlike WhatsApp).
I configured two-step verification to set a password and recovery email address to improve the security.

[ilyapashuk]

yes, your messages are saved on the server, that's why you are able to view them from multiple devices, but secret chats, which you can create on your phone, are visible only on that phone and e2e encrypted. also you can setup 2 factor authentication in your account settings, and sniffed sms code will be not enough to login to your account.

[baptx]

@ilyapashuk thanks I thought Telegram messages were encrypted by default but apparently it is not the case except for secret chats. I don't use Android / iOS on my smartphone and prefer to use the web version so I cannot use secret chats.