mirror of
https://github.com/1f349/twofactor.git
synced 2024-12-22 07:24:12 +00:00
commit
cc1b87fe43
@ -33,8 +33,8 @@ This package implements the RFC 6238 OATH-TOTP algorithm;
|
|||||||
### Storing Keys
|
### Storing Keys
|
||||||
|
|
||||||
> **The key is created using Golang crypto random function. It's a secret key and therefore**
|
> **The key is created using Golang crypto random function. It's a secret key and therefore**
|
||||||
> it needs to be protected against unauthorized access. The key cannot be leaked, otherwise the security is complitely compromised.
|
> it needs to be protected against unauthorized access. The key cannot be leaked, otherwise the security is completely compromised.
|
||||||
> The key is presented to the user in a form of QR Code. Once scanned the key should be revealed again.
|
> The key is presented to the user in a form of QR Code. Once scanned the key should never be revealed again.
|
||||||
> In addition when the QR cide is shared with the client for scanning, the connection used must be secured.
|
> In addition when the QR cide is shared with the client for scanning, the connection used must be secured.
|
||||||
|
|
||||||
The `totp` struct can be easily serialized using the `ToBytes()` function.
|
The `totp` struct can be easily serialized using the `ToBytes()` function.
|
||||||
|
Loading…
Reference in New Issue
Block a user