I use MFA not only at login but also for high-risk step-up flows like email change or payout setup. TOTP is straightforward to implement if secrets are handled carefully and backup codes are part of the design. Recovery flow quality matters as much as the happy path.
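The pieces the post lists (TOTP with a replay check, hashed single-use backup codes, and a freshness check for step-up flows) put together as an added example. This is not the poster's code; it assumes an in-memory user record standing in for a database row, uses the RFC 6238 test secret for the worked values, and leaves encrypting the TOTP secret at rest to the storage layer.

```python
"""TOTP (RFC 6238) verification with replay protection, single-use backup
codes and a step-up freshness check. Added example; the user record, the
constants and the sample secret are constructed for illustration."""
import hashlib
import hmac
import secrets
import struct

TOTP_STEP = 30          # seconds per counter step
TOTP_DIGITS = 6
TOTP_WINDOW = 1         # accept one step of clock skew either way
STEP_UP_MAX_AGE = 300   # seconds a successful MFA stays "fresh" for high-risk actions


def hotp(secret: bytes, counter: int, digits: int = TOTP_DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: int, step: int = TOTP_STEP) -> str:
    """TOTP is HOTP with the counter derived from Unix time."""
    return hotp(secret, now // step)


def hash_backup(code: str) -> str:
    # Backup codes are generated with ~40 bits of entropy, so a plain SHA-256
    # is adequate; a slow password hash only matters for guessable secrets.
    return hashlib.sha256(code.strip().lower().encode()).hexdigest()


def generate_backup_codes(n: int = 10) -> list[str]:
    return [secrets.token_hex(5) for _ in range(n)]


def new_user(secret: bytes, backup_codes: list[str]) -> dict:
    """Server-side record (hypothetical schema): the TOTP secret (encrypt at
    rest in a real store), the last accepted counter for replay protection,
    hashed backup codes, and the time of the last successful MFA."""
    return {
        "totp_secret": secret,
        "last_counter": -1,
        "backup_hashes": {hash_backup(c) for c in backup_codes},
        "last_mfa_at": None,
    }


def verify_totp(user: dict, code: str, now: int) -> bool:
    """Accept codes within +-TOTP_WINDOW steps, but never a counter at or
    below the last accepted one, so an observed code cannot be replayed."""
    current = now // TOTP_STEP
    for counter in range(current - TOTP_WINDOW, current + TOTP_WINDOW + 1):
        if counter <= user["last_counter"]:
            continue
        if hmac.compare_digest(hotp(user["totp_secret"], counter), code):
            user["last_counter"] = counter
            user["last_mfa_at"] = now
            return True
    return False


def verify_backup_code(user: dict, code: str, now: int) -> bool:
    """Single-use: the matching hash is removed as soon as it is accepted."""
    digest = hash_backup(code)
    for stored in user["backup_hashes"]:
        if hmac.compare_digest(stored, digest):
            user["backup_hashes"].remove(stored)
            user["last_mfa_at"] = now
            return True
    return False


def step_up_required(user: dict, now: int) -> bool:
    """High-risk actions (email change, payout setup) need an MFA success more
    recent than STEP_UP_MAX_AGE, regardless of how old the login session is."""
    last = user["last_mfa_at"]
    return last is None or now - last > STEP_UP_MAX_AGE


if __name__ == "__main__":
    # Constructed walk-through using the RFC 6238 test secret.
    secret = b"12345678901234567890"
    user = new_user(secret, generate_backup_codes())
    print("code at t=59:", totp(secret, 59))
    print("step-up needed before MFA:", step_up_required(user, 59))
    print("verify:", verify_totp(user, totp(secret, 59), 59))
    print("replay accepted:", verify_totp(user, totp(secret, 59), 59))
    print("step-up needed right after MFA:", step_up_required(user, 100))
```

The replay check is the part most implementations skip: a code is only valid once even inside the skew window, and the same `last_mfa_at` timestamp drives both login and step-up, so a payout change after a stale session forces a fresh code rather than trusting the login cookie.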