Hi, I use the spakeasy module to generate the opt.
I found a different QR code on Android and iPhone.
Android ignores algorithm options and makes QR code
The iPhone uses an algorithm option to create QR code.
So even during verification, Android has no algorithm option.
The iPhone should have an algorithm option.
If authentication fails once more, I am adding an algorithm option to proceed with authentication once more.
But I think there is another way.
In the other issue, Androids should use sha1.
But isn't using sa1 vulnerable to security?
Last I would like to know the recommended length from the generateSecret.
Security is an important project. Please refer.
Leekyungun
commented
6 years ago
Hi, I use the spakeasy module to generate the opt.
I found a different QR code on Android and iPhone.
Android ignores algorithm options and makes QR code The iPhone uses an algorithm option to create QR code.
So even during verification, Android has no algorithm option. The iPhone should have an algorithm option.
If authentication fails once more, I am adding an algorithm option to proceed with authentication once more. But I think there is another way. In the other issue, Androids should use sha1. But isn't using sa1 vulnerable to security?
Last I would like to know the recommended length from the generateSecret. Security is an important project. Please refer.
Thank you~!