All the document says the default hash algorithm of TOTP is SHA1, but apparently the code says it is SHA256.
Screenshot of the document
Screenshot of the code
Althrough sha256 may be more secured than sha1. Still most authenticator apps(Microsoft or Google) do not support it. I guess it's more suitable to set the default SHA1.
All the document says the default hash algorithm of TOTP is SHA1, but apparently the code says it is SHA256.
Screenshot of the document
Screenshot of the code
Althrough sha256 may be more secured than sha1. Still most authenticator apps(Microsoft or Google) do not support it. I guess it's more suitable to set the default SHA1.