You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are several libraries for creating/verifying TOTP secrets and tokens. It would be trivial to make such a library. QR codes can be created by a few PHP libraries or even by requiring a linux package named "qrencode" and use a shell_exec to generate the image. The secret should be encrypted in the database and decrypted when the user enters the correct password. Or a site secret could be used so the TOTP secret could be used as verification at other times without asking for a password again. Ideally the secret isn't in plaintext.
The text was updated successfully, but these errors were encountered:
There are several libraries for creating/verifying TOTP secrets and tokens. It would be trivial to make such a library. QR codes can be created by a few PHP libraries or even by requiring a linux package named "qrencode" and use a shell_exec to generate the image. The secret should be encrypted in the database and decrypted when the user enters the correct password. Or a site secret could be used so the TOTP secret could be used as verification at other times without asking for a password again. Ideally the secret isn't in plaintext.
The text was updated successfully, but these errors were encountered: