Comments (5)
RobThree
commented on May 23, 2024
You just generate some random strings/codes and store them with the useraccount. This is not something this library provides (you could use (part of) the output of the createSecret() method to generate some backup codes I guess).
from twofactorauth.
developing-off
commented on May 23, 2024
Ah okay can you show me a code how to do that ? i would generate 6 back up code
from twofactorauth.
RobThree
commented on May 23, 2024
Use a for-loop or something? The basics are:
- Generate X-number of codes using
createCode()or any other means to generate a random string (make sure you have a decent amount of entropy, I suggest at least 10 bytes) - Show codes to user
- Store codes in database or file or whatever
This is all highly dependent on your code, your environment, everything. There's no "THE" way to do this, there's infinite ways to do this (some better than others, ofcourse). But please understand that github issues are not a support forum for general programming questions. You might want to try stackoverflow or similar sites for that.
from twofactorauth.
willpower232
commented on May 23, 2024
I would suggest using something like bin2hex(random_bytes(10)) to create the secrets and then use whatever password hashing algorithm from the framework in use to store them securely.
from twofactorauth.
developing-off
commented on May 23, 2024
okay thank you for your help
from twofactorauth.
Related Issues (20)
- QR Code Expiring HOT 2
- Security Risk: using `QRServerProvider` as default provider HOT 14
- CodeIgniter 4 Integration HOT 2
- QR Code doesn't work with Dashlane HOT 12
- Incompatible with endroid/qr-code > 5.0.0 HOT 6
- Use SensitiveParameter class HOT 12
- Slimming down the lib further HOT 6
- getQRCodeImage(): Return value must be of type string, bool returned HOT 2
- minimal version HOT 2
- Fatal error: Uncaught Error: Class 'RobThree\Auth\Providers\Rng\CSRNGProvider' not found HOT 2
- Fatal error: Uncaught Error: Call to undefined function RobThree\Auth\Providers\Time\socket_create() HOT 4
- 2fa HOT 1
- Google / MS Authenticator HOT 10
- endroid/qr-code compatibility issue HOT 1
- Newly generated secrets failing to verify codes HOT 13
- Deprecation warning in PHP8 HOT 6
- Version mismatch HOT 6
- Account name in MS Authenticator HOT 18
- How to migrate to new server HOT 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from twofactorauth.