2fa icon indicating copy to clipboard operation
2fa copied to clipboard
verified publisher icon simontabor

How to verify Backup Codes for pattern 'xxxx-xxxx-xxxx'

Open MuhammadAbbasAkhtar opened this issue 2 years ago • 2 comments

verifyHOTP generates code in xxxxxx format

backup codes are in xxxx-xxxx-xxxx format

No method for verifying them is available.

How to do that?

MuhammadAbbasAkhtar avatar Apr 06 '23 05:04 MuhammadAbbasAkhtar

Currently, the only solution I can think of is to hash the backup codes using bcrypt and store them in DB, and when the user logs in using the code, compare it via bcrypt.compareSync method

MuhammadAbbasAkhtar avatar Apr 06 '23 05:04 MuhammadAbbasAkhtar

Currently, the only solution I can think of is to hash the backup codes using bcrypt and store them in DB, and when the user logs in using the code, compare it via bcrypt.compareSync method

Yes, that's what I'm thinking. The recovery codes provided in this library are just utility functions.

oneyoung19 avatar Sep 19 '23 09:09 oneyoung19