Increase default TOTP secret size to 320 bits (#4287)
This commit is contained in:
parent
9d4c1ddfa1
commit
c71ee33057
1 changed files with 1 additions and 0 deletions
|
@ -76,6 +76,7 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
|
||||||
if otpKey == nil {
|
if otpKey == nil {
|
||||||
err = nil // clear the error, in case the URL was invalid
|
err = nil // clear the error, in case the URL was invalid
|
||||||
otpKey, err = totp.Generate(totp.GenerateOpts{
|
otpKey, err = totp.Generate(totp.GenerateOpts{
|
||||||
|
SecretSize: 40,
|
||||||
Issuer: setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
|
Issuer: setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
|
||||||
AccountName: ctx.User.Name,
|
AccountName: ctx.User.Name,
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue