Towards a test-suite for TOTP codes
2fa CyberSecurity HTOP MFA Open Source totp · 11 comments · 1,250 words · Viewed ~7,061 times
Because I'm a massive nerd, I actually try to read specification documents. As I've ranted ad nauseam before, the current TOTP spec is irresponsibly obsolete. The three major implementations of the spec - Google, Apple, and Yubico - all subtly disagree on how it should be implemented. Every other MFA app has their own idiosyncratic variants. The official RFC is infuriatingly vague. That's no…
Continue reading →