ruby 5 lines · 1 tab

TOTP based multi factor authentication for sensitive actions

Kai Nakamura Apr 2026
1 tab
secret = ROTP::Base32.random
current_user.update!(otp_secret: secret)

totp = ROTP::TOTP.new(secret, issuer: 'CodeSnips')
provisioning_uri = totp.provisioning_uri(current_user.email)
1 file · ruby Explain with highlit

I use MFA not only at login but also for high-risk step-up flows like email change or payout setup. TOTP is straightforward to implement if secrets are handled carefully and backup codes are part of the design. Recovery flow quality matters as much as the happy path.

Share this code

Here's the card — post it anywhere.

TOTP based multi factor authentication for sensitive actions — share card
Link copied