sabreW4K3@lazysoci.al to

Tech@programming.dev · 8 months ago

How random are TOTP codes? – Terence Eden’s Blog

3

cross-posted to:
[email protected]

23

How random are TOTP codes? – Terence Eden’s Blog

sabreW4K3@lazysoci.al to

Tech@programming.dev · 8 months ago

3

cross-posted to:
[email protected]

How random are TOTP codes?

I'm pretty sure that the 2FA codes generated by my bank's TOTP app have a bias towards the number 8 - because eight is an auspicious number. But is that just my stupid meaty brain noticing patterns where none exist? The TOTP algorithm uses HMAC, which in turn uses SHA-1. My aforementioned brain is not clever enough to understand how that works. Although bigger, meatier brains have assured me it is fine. What happens if I sample, say, the next 10 TOTP codes and plot how often digits appear? …

Chat

Technoguyfication
link
fedilink
arrow-up
11·
8 months ago
For anyone who doesn’t read the article, the biases shown in the thumbnail are not the final result. After doing a million runs, every digit had close to the same probability of appearing.

Tech@programming.dev

tech@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A community for high quality news and discussion around technological advancements and changes

Things that fit:

New tech releases
Major tech changes
Major milestones for tech
Major tech news such as data breaches, discontinuation

Things that don’t fit

Minor app updates
Government legislation
Company news
Opinion pieces

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

71 users / day
84 users / week
135 users / month
568 users / 6 months
33 local subscribers
887 subscribers
77 Posts
498 Comments
Modlog

mods:
Vacant@programming.dev