cortex / ripasso

A simple password manager written in Rust
GNU General Public License v3.0

Relax requirement for 128 bit totp secrets #358

Closed Fingel closed 1 month ago

Fingel commented 1 month ago

totp-rs is strictly RFC6238 compliant. This is a good thing, but the reality is many sites/apps are still using 80 bit secrets for TOTP. These include GitHub, Discord, PayPal, among others. The author of totp-rs added a function `from_url_unchecked` to address this in this issue: https://github.com/constantoine/totp-rs/issues/46. I suggest we use it here so that ripasso can be used practically for TOTP.

alexanderkjall commented 1 month ago

This sounds like a good suggestion, thanks a lot for the pull request (both of them).

I will try to make time to review them later this week.
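
The size mismatch behind this issue, as an added example that is not part of the thread and is not code from ripasso or totp-rs: a standard-library Rust check that base32-decodes the `secret` of an `otpauth://` URL and compares its length with the 128-bit minimum from the issue title. The function names, the enum and the sample URLs are constructed for illustration.

```rust
// Added example: std only, does not call totp-rs. All names are hypothetical.
const MIN_SECRET_BITS: usize = 128; // threshold taken from the issue title

/// Decode an RFC 4648 base32 string (case-insensitive, padding optional).
fn base32_decode(input: &str) -> Option<Vec<u8>> {
    let mut out = Vec::new();
    let (mut buf, mut bits) = (0u32, 0u32);
    for c in input.trim_end_matches('=').chars() {
        let v = match c.to_ascii_uppercase() {
            c @ 'A'..='Z' => c as u32 - 'A' as u32,
            c @ '2'..='7' => c as u32 - '2' as u32 + 26,
            _ => return None, // outside the base32 alphabet
        };
        buf = (buf << 5) | v;
        bits += 5;
        if bits >= 8 {
            bits -= 8;
            out.push((buf >> bits) as u8);
            buf &= (1 << bits) - 1; // keep only the bits not yet emitted
        }
    }
    Some(out)
}

/// Extract the `secret` query parameter from an otpauth://totp/ URL.
fn secret_param(url: &str) -> Option<&str> {
    let query = url.strip_prefix("otpauth://totp/")?.split_once('?')?.1;
    query.split('&').find_map(|kv| kv.strip_prefix("secret="))
}

#[derive(Debug, PartialEq)]
enum SecretCheck { Accepted(usize), TooShort(usize), Invalid }

/// Report the decoded secret size in bits and whether it meets the minimum.
fn check_secret(url: &str) -> SecretCheck {
    match secret_param(url).and_then(base32_decode) {
        None => SecretCheck::Invalid,
        Some(raw) if raw.len() * 8 < MIN_SECRET_BITS => SecretCheck::TooShort(raw.len() * 8),
        Some(raw) => SecretCheck::Accepted(raw.len() * 8),
    }
}

fn main() {
    // Constructed sample URLs; the secrets are made up for this example.
    let short = "otpauth://totp/Example:alice?secret=JBSWY3DPEHPK3PXP&issuer=Example";
    let long = "otpauth://totp/Example:bob?secret=JBSWY3DPEHPK3PXPJBSWY3DPEHPK3PXP&issuer=Example";
    for u in [short, long] { println!("{:?}  {}", check_secret(u), u); }
}
```

A 16-character base32 secret decodes to 10 bytes (80 bits), which is why a strict 128-bit check rejects it while a 32-character secret (160 bits) passes.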