From eceba7a9113639e7d274af55f8adacca0779bcf7 Mon Sep 17 00:00:00 2001 From: baarkerlounger Date: Thu, 3 Feb 2022 15:40:21 +0000 Subject: [PATCH] OTP code 5 digits consistent with notify gateway --- config/initializers/devise.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 7b48556a7..de41a7b75 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -313,10 +313,9 @@ Devise.setup do |config| # 2FA config.max_login_attempts = 3 # Maximum second factor attempts count. config.allowed_otp_drift_seconds = 30 # Allowed TOTP time drift between client and server. - config.otp_length = 6 # TOTP code length - config.direct_otp_valid_for = 5.minutes # Time before direct OTP becomes invalid - config.direct_otp_length = 6 # Direct OTP code length + config.otp_length = 5 # TOTP code length config.direct_otp_valid_for = 15.minutes # Time before direct OTP becomes invalid + config.direct_otp_length = 5 # Direct OTP code length config.remember_otp_session_for_seconds = 1.day # Time before browser has to perform 2fA again. Default is 0. config.otp_secret_encryption_key = ENV["OTP_SECRET_ENCRYPTION_KEY"] config.second_factor_resource_id = "id" # Field or method name used to set value for 2fA remember cookie