DEV Community

Discussion on: Generating 2FA One-Time Passwords in JS Using Web Crypto API

Collapse
 
al_khovansky profile image
Alexander Khovansky

Hello there! Thank you for testing the demo and very sorry for such a huge delay in my response. Somehow dev.to never sends me emails about new comments :(

After some debugging and digging, I remembered the whole base32 deal. When creating this demo, for reasons I don't remember, I did not implement conversion of the input string from base32 and instead left it to be treated as plain UTF-8.
While this works for the test cases provided in RFC4226, it does not work with real world applications, which use base32.

I grabbed a base32 to ArrayBuffer conversion function from another library, put it into the demo and did a quick test against and AWS account comparing the codes to google authenticator. This way, it works!

Thanks for reporting this. I will think about how to incorporate this into article and the demo and push an update.