|
|
|
@ -97,6 +97,7 @@ config.direct_otp_length = 6 # Direct OTP code length
|
|
|
|
|
config.remember_otp_session_for_seconds = 30.days # Time before browser has to perform 2fA again. Default is 0. |
|
|
|
|
config.otp_secret_encryption_key = ENV['OTP_SECRET_ENCRYPTION_KEY'] |
|
|
|
|
config.second_factor_resource_id = 'id' # Field or method name used to set value for 2fA remember cookie |
|
|
|
|
config.delete_cookie_on_logout = false # Delete cookie when user signs out, to force 2fA again on login |
|
|
|
|
``` |
|
|
|
|
The `otp_secret_encryption_key` must be a random key that is not stored in the |
|
|
|
|
DB, and is not checked in to your repo. It is recommended to store it in an |
|
|
|
|