Recovery codes #2

New Issue

Closed

opened 2019-05-03 10:43:13 +00:00 by Ghost · 1 comment

Ghost commented 2019-05-03 10:43:13 +00:00

Copy Link

Hello

Is there anyway we can generate recovery/backup codes that my users can use when they loose access to their account or do not have access to google auth app?

Thanks

Hello Is there anyway we can generate recovery/backup codes that my users can use when they loose access to their account or do not have access to google auth app? Thanks

coolaj86 commented 2019-05-03 23:37:33 +00:00

Owner

Copy Link

"recovery codes" are separate from and unrelated to the HTOP/TOTP (aka "Authenticator") standards.

Basically you just crypto.randomBytes(16).toString('hex') yourself a few codes and store them in a database associated with the user, and then mark them as deleted once they're used.

"recovery codes" are separate from and unrelated to the HTOP/TOTP (aka "Authenticator") standards. Basically you just `crypto.randomBytes(16).toString('hex')` yourself a few codes and store them in a database associated with the user, and then mark them as deleted once they're used.

coolaj86 closed this issue 2019-05-04 03:59:55 +00:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.1

v1.0.0

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Assignees

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coolaj86/node-authenticator.js#2

No description provided.