From 7eb6dc46de3f28abdf80292b14078089a41803a2 Mon Sep 17 00:00:00 2001
From: Richard Steinmetz <richard@steinmetz.cloud>
Date: Thu, 8 Feb 2024 21:10:19 +0100
Subject: [PATCH] fix: reduce secret size to 160 bits

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
---
 lib/Service/Totp.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Service/Totp.php b/lib/Service/Totp.php
index d59f12410..eef5ff6d4 100644
--- a/lib/Service/Totp.php
+++ b/lib/Service/Totp.php
@@ -72,7 +72,7 @@ public function hasSecret(IUser $user): bool {
 	}
 
 	private function generateSecret(): string {
-		return $this->random->generate(160, ISecureRandom::CHAR_UPPER.'234567');
+		return $this->random->generate(32, ISecureRandom::CHAR_UPPER.'234567');
 	}
 
 	/**