django-planet
Posts
Blogs
Authors
Search
Posts
Blogs
Feeds
Authors
Home
Blogs
Luke Plant
6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days
May 11, 2019
6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days
published by
Luke Plant
in blog
Luke Plant
original entry
6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days
OTP/TOTP for two factor auth (2FA/MFA) is very easy to misunderstand and implement insecurely
Recent Posts
PyCon Italia 2025
DjangoCon Europe 2025
Checking In Is Fine
Django News - 20 PRs Merged into Django Core This Week Alone! - Mar 28th 2025
Django News - Django 5.2 RC1, Python 3.14 Alpha, and New Security Discussions - Mar 21st 2025
Django 5.2 release candidate 1 released
Removing Model bases from migration state
Checking Current User Permissions in Django Templates
Django Query Optimization - Defer, Only, and Exclude
DSF member of the month - Cory Zue