fix(web): use a distinct salt for TOTP authentication

Alinto · Oct 26, 2021 · d751ad9 · d751ad9
1 parent f70d600
commit d751ad9
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/Documentation/SOGoInstallationGuide.asciidoc b/Documentation/SOGoInstallationGuide.asciidoc
@@ -3142,6 +3142,10 @@ current version of SOGo from the previous release.
 
 [cols="100a"]
 |=======================================================================
+h|5.3.0
+|A new private salt must be generated for users using TOTP. When TOTP is enabled for a user, it will
+be disabled until the user configures it again, which will generate a new private salt.
+
 h|5.1.0
 |The XSRF protection is now enabled by default in SOGo. If you use the C.A.S.  mechanisim, you need
 to disable XSRF by adding `SOGoXSRFValidationEnabled = NO` to your configuration file.