|
|
|
|
|
|
by malfist
535 days ago
|
|
|
Oh I know that feeling. We got in hot water because the codes were 6 digits long and security decided we needed to make them eight digits. We pushed back and initially they agreed with us and gave us an exception, but about a year later some compliance audit told them it was no longer acceptable and we had to change it ASAP. About a year after that they told us it needed to be ten characters alphanumeric and we did a find and replace in the code base for "verification code" and "otp" and called them verification strings, and security went away. |
|
|