Backup Codes (Improve 8 to 12 numbers)
It would be nice to improve the "Backup Codes" option from 8 numbers to 12 numbers.
Example: 97997695 > 520184887438
This should probably mean that in an online attack scenario (assuming one thousand guesses per second) it should jump from 1.29 days for 8 numbers, to 35.33 years for the 12 numbers.
I think everyone would feel a little less concerned about random online guessing with this small improvement.
For human usability maybe use dashes between numbers: 520184887438 would look like: 5201-8488-7438
I'd use spaces rather than dashes but making them more readable is a very nice idea.
> This should probably mean that in an online attack scenario (assuming one thousand guesses per second)

Rate limiting might be useful here.
But 12 numbers are definitely not a bad idea.
#477 / #482 is another approach to solve this problem. It seems better to me, since it detects and fixes the huge problem of the password being compromised.
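The suggestions in this thread (12-digit codes, grouped display, rate limiting) combined in one sketch; this is an added example, not code from the project or from any commenter. The names `BackupCodeVerifier` and `worst_case_days` and the limit of 5 failures per 15 minutes are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

CODE_DIGITS = 12      # length proposed in the thread
MAX_FAILURES = 5      # assumption: failed attempts allowed per window
WINDOW_SECONDS = 900  # assumption: 15-minute window

def generate_code(digits=CODE_DIGITS):
    """Uniform random decimal code from the OS CSPRNG; leading zeros are kept."""
    return f"{secrets.randbelow(10 ** digits):0{digits}d}"

def display(code, group=4, sep="-"):
    """Group digits for readability, e.g. 5201-8488-7438 (sep=' ' for spaces)."""
    return sep.join(code[i:i + group] for i in range(0, len(code), group))

def normalize(user_input):
    """Accept the code with or without the spaces or dashes used for display."""
    return "".join(ch for ch in user_input if ch not in " -")

class BackupCodeVerifier:
    # Codes are held in plaintext only to keep the sketch short.
    def __init__(self, codes, clock=time.monotonic):
        self.unused = set(codes)
        self.failures = []  # timestamps of recent failed attempts
        self.clock = clock

    def locked(self):
        now = self.clock()
        self.failures = [t for t in self.failures if now - t < WINDOW_SECONDS]
        return len(self.failures) >= MAX_FAILURES

    def verify(self, user_input):
        if self.locked():
            return False  # rejected without checking the guess at all
        guess = normalize(user_input).encode()
        match = None
        for code in self.unused:  # constant-time compare, no early exit
            if hmac.compare_digest(code.encode(), guess):
                match = code
        if match is None:
            self.failures.append(self.clock())
            return False
        self.unused.discard(match)  # each backup code is single use
        return True

def worst_case_days(digits, failures=MAX_FAILURES, window=WINDOW_SECONDS):
    """Days to try every code when guessing is capped at failures per window."""
    return 10 ** digits * window / failures / 86400
```

With the limiter in place the guess rate is set by the window rather than by network speed, so the extra four digits multiply whatever bound the limiter gives by 10,000.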