search

speakeasyjs / speakeasy

**NOT MAINTAINED** Two-factor authentication for Node.js. One-time passcode generator (HOTP/TOTP) with support for Google Authenticator.
MIT License
2.68k stars 229 forks source link

Old secrets doesnt work #142

Open mafianekcek opened 3 years ago

mafianekcek commented 3 years ago

Hello, my users having issues with their 2fa, also mine just stopped to work today, there is no change of the script file for over 1 year and also those secrets are over 1 year old and just stopped work today. Basiacally the

speakeasy.totp.verify({
    secret: userSecret,
    encoding: 'base32',
    token: userToken,
    window: 2,
    step: 60
  });

always return false for old secrets. When I remove my old secret and generate new QR code, I got new secret and then it works. So old secrets are not working, just new ones. Can you please help me?