Recovery codes #2

Closed
opened 2019-05-03 10:43:13 +00:00 by Ghost · 1 comment

Hello

Is there anyway we can generate recovery/backup codes that my users can use when they loose access to their account or do not have access to google auth app?

Thanks

Hello Is there anyway we can generate recovery/backup codes that my users can use when they loose access to their account or do not have access to google auth app? Thanks
Owner

"recovery codes" are separate from and unrelated to the HTOP/TOTP (aka "Authenticator") standards.

Basically you just crypto.randomBytes(16).toString('hex') yourself a few codes and store them in a database associated with the user, and then mark them as deleted once they're used.

"recovery codes" are separate from and unrelated to the HTOP/TOTP (aka "Authenticator") standards. Basically you just `crypto.randomBytes(16).toString('hex')` yourself a few codes and store them in a database associated with the user, and then mark them as deleted once they're used.
Sign in to join this conversation.
No Label
No Milestone
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coolaj86/node-authenticator.js#2
No description provided.