django-planet
Posts
Blogs
Feeds
Authors
Posts
Blogs
Authors
Search
Home
Blogs
Luke Plant
6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days
May 11, 2019
6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days
published by
Luke Plant
in blog
Luke Plant
original entry
6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days
OTP/TOTP for two factor auth (2FA/MFA) is very easy to misunderstand and implement insecurely
Recent Posts
Django News - django.tasks exists - Sep 26th 2025
Feature Flags: Deploy to some of the people all of the time, and all of the
Just-in-Time Development with Django and HTMX: Faster, Leaner, and Smarter
Anatomy of a Database Operation
One Thousand and One Django Sites
Europe, Django and two-factor authentication
Django Admin at Scale: From Milliseconds to Microseconds 🚀
Day 3 Lightning Talks
Closing session
Recap