You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I use the user's hashed password generated by Bcript.hash(password, 10) as totp secret. The thing is totp.check() isn't guaranteed to return true even if the token is right. Is that Bcrypt hashed secret the reason?
I use the user's hashed password generated by Bcript.hash(password, 10) as totp secret. The thing is totp.check() isn't guaranteed to return true even if the token is right. Is that Bcrypt hashed secret the reason?