Open EttiFeyzi opened 1 year ago
Currently, our application stores and verifies OTP codes without hashing them. This poses a security risk as an attacker who gains access to the database can potentially use the OTP codes to authenticate as a user.
Currently, our application stores and verifies OTP codes without hashing them. This poses a security risk as an attacker who gains access to the database can potentially use the OTP codes to authenticate as a user.