-
Hi, just thought that this lib is perfect for HOTP / TOTP solutions, except for the base32 part (it currently has base64).
There are other solutions like https://github.com/emn178/hi-base32, https:…
-
Hello,
I have a few federal government agencies asking me about Google Authenticator and NIST SP 800-63 (E-Authentication / Digital Identity Guidelines).
The current version of the spec is SP 800-6…
-
_From @ThomasHabets on October 10, 2014 8:7_
Original [issue 393](https://code.google.com/p/google-authenticator/issues/detail?id=393) created by synikal on 2014-06-19T07:29:02.000Z:
Hi all,
Just w…
-
It would be nice if I could use the paper tokens as backup tokens. I would also like to make them alphanumeric with ten characters.
But it would also be enough for me if I could increase the length…
-
Previously I added this question as a comment in #43 but I believe this merits a new post of its own because it is a different question.
The following problem assume a default expiry duration of 30…
-
Doing a security audit of the code, it appears to be subject to the [year 2038 problem](https://en.wikipedia.org/wiki/Year_2038_problem). Specifically, the following lines are only capable of dealing …
-
Hi,
it would be nice to add 2FA capability to keepasshttp. I recently changed most of my services to 2FA . E.g. my firewall is otp enabled, the credentials comes with keepasshttp, the totp token by…
ghost updated
6 years ago
-
[Rob Winch](https://jira.spring.io/secure/ViewProfile.jspa?name=rwinch) (Migrated from [SEC-2390](https://jira.spring.io/browse/SEC-2390?redirect=false)) said:
Include support for HMAC-Based One-ti…
-
For a secure TOTP I need a method to check the validity of 3 TOTP codes.
In my example I check 24 hours ahead and behind. The 3 codes must exist in this period
and they must be consecutive.
The m…
-
When scanning a QR code from Microsoft's mfasetup on https://aka.ms/mfasetup, I get this warning:
> Token is unsafe!
>
> The token you are attempting to add contains weak cryptographic parameters.…