|
|
|
|
|
|
by 29J
4311 days ago
|
|
|
I recently implemented TOTP authentication[1] for a webapp of mine. Then I decided to extract it into its own web service offering, because I thought it was one of those things that was easy for people to implement insecurely if they weren't careful. This is the V1. I'm trying to get a sense of whether implementing TOTP auth is a pain point for anyone and to develop this project further. The way it works is that you redirect your website's users to it for authentication or master secret provisioning, and it redirects them back to you with a pass/fail response when done. [1] http://en.wikipedia.org/wiki/Time-based_One-time_Password_Al... |
|
|