Details
-
Spike
-
Resolution: Unresolved
-
Neutral
-
None
Description
This module makes use of an open standard, RFC 6238, TOTP: Time-Based One-Time Password Algorithm. The secret key and corresponding QR code is generated inside Magnolia and the checking is handled by Magnolia. No Google services are used.
Google Authenticator is a popular mobile app for generating one time codes from a private key but many alternatives are available.
By naming Google in the module, do we imply there is a dependency on a proprietary service and could this put people off?