Two-Factor Authentication - weak encryption parameters

Website URL

(please specify the URL of the site on which you are experiencing the problem)

Error Message

(please share the FULL error message you see, if applicable)

Other Information

I tried to set up my 2FA in an OTP app, but it said the token’s encryption parameters were weak and it strongly discouraged using it. It gave me no more information than that.
The OTP app forums suggested: FreeOTP requires that tokens have at least 128bit (26 base32 coded digis).
Any chance this change can be made?

Our current TOTP application uses 80 bits keys, which is still a very common key length. We’ll investigate changing this, I don’t know if all popular TOTP apps support longer keys.

4 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.