Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
ewpratten30100114dDo you have any links to documentation for this?
flocke316114dYeah, the HOTP RFC, on which TOTP is based as well actually allows for a variable length of the token. 6 is just recommended as the minimal value, I assume that's why it is used everywhere.
C0D446510114d@Abrynos maybe at a point where I'm not messing around with it anymore and looking to make it production viable.
Otherwise the RFC isn't too complicated if you've worked with base32 algos before.
Best doc I came across in my journeys last night which got me to the secret key/code
Still need to do the verification side of it.
If you use googles charts to generate a QR code, url encode the otpauth:// part.
C0D446510113dOk, so implementing the 8 digit code is not a good idea.
Android and blackberry ignore the digits part and just generates 6, which makes sense.... not.
Not even google follow the RFC 🤦♂️
Fuck my duck!
Back to 6 I go.
Hell I probably can't use huge base32 seeds either on other devices.