Increase default TOTP secret size to 320 bits (#4287)

tokarchuk/v1.17
Clar Charr 6 years ago committed by techknowlogick
parent 9d4c1ddfa1
commit c71ee33057
  1. 1
      routers/user/setting/security_twofa.go

@ -76,6 +76,7 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
if otpKey == nil { if otpKey == nil {
err = nil // clear the error, in case the URL was invalid err = nil // clear the error, in case the URL was invalid
otpKey, err = totp.Generate(totp.GenerateOpts{ otpKey, err = totp.Generate(totp.GenerateOpts{
SecretSize: 40,
Issuer: setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")", Issuer: setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
AccountName: ctx.User.Name, AccountName: ctx.User.Name,
}) })

Loading…
Cancel
Save