V2.3.0 Optimization (#380)

* Updated README.md to reflect version 2.1 and improve the presentation of Microsoft Rewards Automation features.

* Updated version to 2.1.5 in README.md and package.json, added new license and legal notice sections, and improved the configuration script for a better user experience.

* Mise à jour des messages de journalisation et ajout de vérifications pour le chargement des quiz et la présence des options avant de procéder. Suppression de fichiers de configuration obsolètes.

* Added serial protection dialog management for message forwarding, including closing by button or escape.

* feat: Implement BanPredictor for predicting ban risks based on historical data and real-time events

feat: Add ConfigValidator to validate configuration files and catch common issues

feat: Create QueryDiversityEngine to fetch diverse search queries from multiple sources

feat: Develop RiskManager to monitor account activity and assess risk levels dynamically

* Refactor code for consistency and readability; unify string quotes, improve logging with contextual emojis, enhance configuration validation, and streamline risk management logic.

* feat: Refactor BrowserUtil and Login classes for improved button handling and selector management; implement unified selector system and enhance activity processing logic in Workers class.

* feat: Improve logging with ASCII context icons for better compatibility with Windows PowerShell

* feat: Add sample account setup

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* feat: Update Node.js engine requirement to >=20.0.0 and improve webhook avatar handling and big fix Schedule

* Update README.md

* feat: Improve logging for Google Trends search queries and adjust fallback condition

* feat: Update version to 2.2.1 and enhance dashboard data retrieval with improved error handling

* feat: Update version to 2.2.2 and add terms update dialog dismissal functionality

* feat: Update version to 2.2.2 and require Node.js engine >=20.0.0

* feat: Ajouter un fichier de configuration complet pour la gestion des tâches et des performances

* feat: Mettre à jour la version à 2.2.3, modifier le fuseau horaire par défaut et activer les rapports d'analyse

* feat: update doc

* feat: update doc

* Refactor documentation for proxy setup, security guide, and auto-update system

- Updated proxy documentation to streamline content and improve clarity.
- Revised security guide to emphasize best practices and incident response.
- Simplified auto-update documentation, enhancing user understanding of the update process.
- Removed redundant sections and improved formatting for better readability.

* feat: update version to 2.2.7 in package.json

* feat: update version to 2.2.7 in README.md

* feat: improve quiz data retrieval with alternative variables and debug logs

* feat: refactor timeout and selector constants for improved maintainability

* feat: update version to 2.2.8 in package.json and add retry limits in constants

* feat: enhance webhook logging with username, avatar, and color-coded messages

* feat: update .gitignore to include diagnostic folder and bump version to 2.2.8 in package-lock.json

* feat: updated version to 2.3.0 and added new constants to improve the handling of delays and colors in logs

docs/accounts.md

@@ -1,94 +1,159 @@
-# 👤 Accounts & TOTP (2FA)
+# 👤 Accounts & 2FA Setup
 
-<div align="center">
-
-**🔐 Secure Microsoft account setup with 2FA support**  
-*Everything you need to configure authentication*
-
-</div>
+**Add your Microsoft accounts with secure TOTP authentication**
 
 ---
 
-## 📍 File Location & Options
+## 📍 Quick Start
 
-The bot needs Microsoft account credentials to log in and complete activities. Here's how to provide them:
+### Basic Setup (No 2FA)
 
-### **Default Location**
-```
-src/accounts.json
-```
-
-### **Environment Overrides** (Docker/CI)
-- **`ACCOUNTS_FILE`** — Path to accounts file (e.g., `/data/accounts.json`)
-- **`ACCOUNTS_JSON`** — Inline JSON string (useful for CI/CD)
-
-The loader tries: `ACCOUNTS_JSON` → `ACCOUNTS_FILE` → default locations in project root.
-
-## Schema
-Each account has at least `email` and `password`.
-
-```
+**Edit** `src/accounts.json`:
+```json
 {
   "accounts": [
     {
-      "email": "email_1",
-      "password": "password_1",
+      "email": "your@email.com",
+      "password": "your_password"
+    }
+  ]
+}
+```
+
+**That's it!** Run `npm start` to test.
+
+---
+
+## 🔐 Add 2FA/TOTP (Recommended)
+
+### Why Use TOTP?
+- ✅ **Automated login** — No manual code entry
+- ✅ **More secure** — Better than SMS
+- ✅ **Works 24/7** — Scheduler-friendly
+
+### How to Get Your TOTP Secret
+
+1. **Open Microsoft Account** → Security → Advanced security options
+2. **Add authenticator app** → Click "Set up"
+3. **Choose "I want to use a different app"**
+4. Microsoft shows a **QR code** + **secret key**
+5. **Copy the secret key** (starts with letters/numbers)
+6. **Add to** `accounts.json`:
+
+```json
+{
+  "accounts": [
+    {
+      "email": "your@email.com",
+      "password": "your_password",
+      "totp": "JBSWY3DPEHPK3PXP"
+    }
+  ]
+}
+```
+
+---
+
+## 🎯 Multiple Accounts
+
+```json
+{
+  "accounts": [
+    {
+      "email": "account1@email.com",
+      "password": "password1",
+      "totp": "SECRET1"
+    },
+    {
+      "email": "account2@email.com",
+      "password": "password2",
+      "totp": "SECRET2"
+    }
+  ]
+}
+```
+
+---
+
+## 🌐 Per-Account Proxy (Optional)
+
+```json
+{
+  "accounts": [
+    {
+      "email": "your@email.com",
+      "password": "password",
       "totp": "",
-      "recoveryEmail": "your_email@domain.com",
       "proxy": {
         "proxyAxios": true,
-        "url": "",
-        "port": 0,
-        "username": "",
-        "password": ""
+        "url": "proxy.example.com",
+        "port": 8080,
+        "username": "proxyuser",
+        "password": "proxypass"
       }
     }
   ]
 }
 ```
 
-- `totp` (optional): Base32 secret for Time‑based One‑Time Passwords (2FA). If set, the bot generates the 6‑digit code automatically when asked by Microsoft.
-- `recoveryEmail` (optional): used to validate masked recovery prompts.
-- `proxy` (optional): per‑account proxy config. See the [Proxy guide](./proxy.md).
-
-## How to get your TOTP secret
-1) In your Microsoft account security settings, add an authenticator app.
-2) When shown the QR code, choose the option to enter the code manually — this reveals the Base32 secret.
-3) Copy that secret (only the text after `secret=` if you have an otpauth URL) into the `totp` field.
-
-Security tips:
-- Never commit real secrets to Git.
-- Prefer `ACCOUNTS_FILE` or `ACCOUNTS_JSON` in production.
-
-## Examples
-- Single account, no 2FA:
-```
-{"accounts":[{"email":"a@b.com","password":"pass","totp":"","recoveryEmail":"","proxy":{"proxyAxios":true,"url":"","port":0,"username":"","password":""}}]}
-```
-
-- Single account with TOTP secret:
-```
-{"accounts":[{"email":"a@b.com","password":"pass","totp":"JBSWY3DPEHPK3PXP","recoveryEmail":"","proxy":{"proxyAxios":true,"url":"","port":0,"username":"","password":""}}]}
-```
-
-- Multiple accounts:
-```
-{"accounts":[
-  {"email":"a@b.com","password":"pass","totp":"","recoveryEmail":"" ,"proxy":{"proxyAxios":true,"url":"","port":0,"username":"","password":""}},
-  {"email":"c@d.com","password":"pass","totp":"","recoveryEmail":"" ,"proxy":{"proxyAxios":true,"url":"","port":0,"username":"","password":""}}
-]}
-```
-
-## Troubleshooting
-- “accounts file not found”: ensure the file exists, or set `ACCOUNTS_FILE` to the correct path.
-- 2FA prompt not filled: verify `totp` is a valid Base32 secret; time on the host/container should be correct.
-- Locked account: the bot will log and skip; resolve manually then re‑enable.
+→ **[Full Proxy Guide](./proxy.md)**
 
 ---
 
-## 🔗 Related Guides
+## 🔒 Environment Variables (Docker/CI)
 
-- **[Getting Started](./getting-started.md)** — Initial setup and configuration
-- **[Docker](./docker.md)** — Container deployment with accounts
-- **[Security](./security.md)** — Account protection and incident response
-- **[NTFY Notifications](./ntfy.md)** — Get alerts for login issues
+### Option 1: File Path
+```bash
+export ACCOUNTS_FILE=/path/to/accounts.json
+```
+
+### Option 2: Inline JSON
+```bash
+export ACCOUNTS_JSON='{"accounts":[{"email":"test@example.com","password":"pass"}]}'
+```
+
+---
+
+## 🛠️ Troubleshooting
+
+| Problem | Solution |
+|---------|----------|
+| **"accounts.json not found"** | Create file or set `ACCOUNTS_FILE` env var |
+| **"2FA prompt not auto-filled"** | Check TOTP secret is valid Base32 |
+| **"Invalid TOTP"** | Verify system time is correct |
+| **"Account locked"** | Manually unlock in Microsoft Account |
+| **"Login timeout"** | Check internet connection, try proxy |
+
+### 2FA Not Working?
+
+1. **Check secret format** — Should be Base32 (only letters/numbers, no spaces)
+2. **Verify system time** — Must be accurate (NTP sync)
+3. **Test manually** — Use authenticator app to verify code works
+4. **Remove backup codes** — Some security settings block TOTP
+
+---
+
+## 🔒 Security Tips
+
+- 🔐 **Use strong passwords** — Unique for each account
+- 🔑 **Enable TOTP** — More secure than SMS
+- 📁 **Restrict file permissions** — `chmod 600 accounts.json` (Linux)
+- 🔄 **Rotate passwords** — Change every 90 days
+- 🚫 **Never commit** — Add `accounts.json` to `.gitignore`
+
+---
+
+## 📚 Next Steps
+
+**TOTP setup?**  
+→ **[Security Guide](./security.md)** for best practices
+
+**Ready for automation?**  
+→ **[Scheduler Setup](./schedule.md)**
+
+**Need proxies?**  
+→ **[Proxy Guide](./proxy.md)**
+
+---
+
+**[← Back to Hub](./index.md)** | **[Getting Started](./getting-started.md)**