TOTP Implementation Audit
Audit TOTP 2FA implementation: verify secret generation, code validation, and backup code handling.
When to use this recipe
Verify that your 2FA implementation follows best practices. Test standard and enhanced TOTP configurations, and ensure backup codes are properly generated and stored.
Steps
1. TOTP Generator: Generate standard TOTP
2. TOTP Generator: Generate enhanced TOTP
3. Secret Generator: Create backup codes
4. Hash Calculator: Secure backup code storage
Frequently asked questions
SHA-1 vs SHA-256 for TOTP — does it matter?
SHA-1 is the standard (RFC 6238) and compatible with all authenticator apps. SHA-256 is more secure but not universally supported. Stick with SHA-1 for compatibility.
How many backup codes should I provide?
Provide 8-10 single-use codes. Store hashes only (like passwords). Mark each code as used after it is redeemed. Allow regeneration, which invalidates all previous codes.
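The backup-code rules from the answer above (hashes only, single use, regeneration invalidates the old set), as an added Python example that is not part of the original page. The code length, alphabet, PBKDF2 work factor and the in-memory `BackupCodeStore` class are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # assumed: no 0/O/1/I lookalikes
CODE_COUNT = 10          # the page recommends 8-10 codes
CODE_LENGTH = 10         # assumed: 10 chars * 5 bits = 50 bits per code
PBKDF2_ROUNDS = 100_000  # assumed work factor


def _digest(code, salt):
    normalized = code.replace("-", "").replace(" ", "").upper()
    return hashlib.pbkdf2_hmac("sha256", normalized.encode(), salt, PBKDF2_ROUNDS)


class BackupCodeStore:
    """In-memory stand-in for a per-user table of backup-code hashes."""

    def __init__(self):
        self._sets = {}  # user -> {"salt": bytes, "hashes": {digest: used}}

    def regenerate(self, user):
        """Replace the user's whole set; return plaintext codes to show once."""
        salt = secrets.token_bytes(16)
        codes = ["".join(secrets.choice(ALPHABET) for _ in range(CODE_LENGTH))
                 for _ in range(CODE_COUNT)]
        self._sets[user] = {"salt": salt,
                            "hashes": {_digest(c, salt): False for c in codes}}
        return [c[:5] + "-" + c[5:] for c in codes]

    def redeem(self, user, code):
        """True only for an unused code from the current set; marks it used."""
        entry = self._sets.get(user)
        if entry is None:
            return False
        candidate = _digest(code, entry["salt"])
        match = None
        for stored in entry["hashes"]:
            # constant-time comparison, no early exit on a hit
            if hmac.compare_digest(stored, candidate):
                match = stored
        if match is None or entry["hashes"][match]:
            return False
        entry["hashes"][match] = True
        return True

    def remaining(self, user):
        entry = self._sets.get(user)
        return 0 if entry is None else sum(not u for u in entry["hashes"].values())
```

In a real deployment the mark-as-used step has to be an atomic update in the database so that two concurrent requests cannot redeem the same code.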
Related recipes
Secure Password Workflow
Generate a strong password, verify its strength, and hash it for storage — a complete password security pipeline.
Web Security Header Audit
Audit your website's security headers, generate a CSP policy, evaluate it, and configure CORS.
JWT Authentication Setup
Set up JWT-based authentication: generate tokens, create signing keys, and implement TOTP for 2FA.
API Security Hardening
Harden your API with HMAC request signing, secure secrets, and SRI for client-side integrity.