Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Blog
Q&A
Posts Tags Edits
Ask Question

Welcome to Codidact Meta!

Codidact Meta is the meta-discussion site for the Codidact community network and the Codidact software. Whether you have bug reports or feature requests, support questions or rule discussions that touch the whole network – this is the site for you.

Comments on Secret Code missing from 2FA Screen

Post

Secret Code missing from 2FA Screen

+4
−1

The secret text is a string of characters that is embedded into the QR code. All 2FA apps then deserialise this QR code into a URI, which contains the secret text and other information regarding timing.

The use of a QR code only without the alternative secret text pasted below makes this very hard. It would be nice to have the secret text there so it can be used in alternative solutions, such as KeePass (seen below).

KeePass prompt

Putting it there on the site means that I wouldn't need to deserialise the QR code to get to that text.

feature-request status-completed
posted over 1 year ago
1y ago by ArtOfCode‭
user card
slick‭
1 0 3 1
History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.
Why should this post be closed?

2 comment threads

Is the downvote for the idea or its presentation? (2 comments)
Good thought (1 comment)
Is the downvote for the idea or its presentation?
trichoplax‭ wrote over 1 year ago
copy link

I'd be interested to know why this has been downvoted. Here on Meta, a downvote can mean disagreement/disapproval, but it can also mean a post is not worded well.

Does the post need more detail, or is there objection to the idea?

If I understand correctly, the request is to provide only the same information that is already displayed in the form of a QR code, for use in a 2FA app as a TOTP.

Is there reason to think that this would introduce a security issue that is not already present from displaying the QR code?

slick‭ wrote over 1 year ago
copy link

Agreed, not sure why it was lodged? Showing the private key is a popular alternative for quite a lot of websites where the user isn't able to scan the QR code.