From 5bcbce87c23fcac42060775d48f6e4e4a568cbc5 Mon Sep 17 00:00:00 2001 From: antonleviathan Date: Fri, 26 Aug 2022 11:29:39 -0400 Subject: [PATCH] fix type of crypto for TOTP --- content/docs/security/MFA.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/security/MFA.md b/content/docs/security/MFA.md index ff80878..e3c0b71 100644 --- a/content/docs/security/MFA.md +++ b/content/docs/security/MFA.md @@ -25,7 +25,7 @@ message downgrade attack may result in the message being replayed over 2G. Time-based One Time Passwords (TOTP), are one of the more common authentication methods which are relatively good compared to SMS, but still have some -weaknesses. TOTP is based on asymmetric cryptography, which means the secret +weaknesses. TOTP is based on symmetric cryptography, which means the secret used to generate codes is stored by both the client and the authentication server, and can be leaked by being intercepted during the setup process or by being improperly stored on the user's device.