-
-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MFA provider "google" is really "totp" #25
Comments
Indeed as it's currently built it is a TOTP provider using quite specific settings which are used by the Google Authenticator. TOTP allows 6 or 8 digits and different rotation times. Also "Google Authenticator" is a quite common term used for these TOTP implementation. In my experience not many people are aware of the existence of the TOTP authentication mechanism but most are aware of the "Google Authenticator". About the app usage: Sure, you can use every app / service you like as soon as they support the settings mentioned above: Authy, LastPass, Vault-TOTP, … Regarding the name change: I think this should go along with adding more configuration options for the TOTP provider. For backwards compatibility the provider must also listen to the |
Signed-off-by: Knut Ahlers <knut@ahlers.me>
The fully configurable TOTP provider is implemented into master and will soon be released. The default is now to use |
The MFA provider currently called "google" is just a TOTP implementation and doesn't have anything specifically to do with Google Authenticator. I use a different TOTP wallet app on my phone and haven't noticed any problem with it.
How about having "totp" as the canonical name for this provider and "google" as an alias? This would make it clearer what this provider actually works with.
The text was updated successfully, but these errors were encountered: