ruby
5 lines · 1 tab
Kai Nakamura
Apr 2026
1 tab
secret = ROTP::Base32.random
current_user.update!(otp_secret: secret)
totp = ROTP::TOTP.new(secret, issuer: 'CodeSnips')
provisioning_uri = totp.provisioning_uri(current_user.email)
1 file · ruby
Explain with highlit
I use MFA not only at login but also for high-risk step-up flows like email change or payout setup. TOTP is straightforward to implement if secrets are handled carefully and backup codes are part of the design. Recovery flow quality matters as much as the happy path.
Share this code
Here's the card — post it anywhere.