@ -14,7 +14,7 @@ The license for this program is Apache 2.0. It comes with no warranty of any kin
The development is an early work-in-progress but should be stable enough for daily use.
Keys are currently stored in plain text in a `twofap.ini` file in the current working directory (not necessarily the same directory as the binary itself). It is up to the user to make sure this file does not fall into the wrong hands. Later I might add an option to encrypt the file or something, but right now it is not a priority for me... 2FA is troublesome enough, I don't need 3FA.
On Windows and *nix, keys are currently stored in plain text in a `twofap.ini` file in the current working directory (not necessarily the same directory as the binary itself). On OSX it is in `~/Library/Application Support/twofap`. It is up to the user to make sure this file does not fall into the wrong hands. Later I might add an option to encrypt the file or something, but right now it is not a priority for me... 2FA is troublesome enough, I don't need 3FA.
The actual handling of the TOTP keys and the code generation itself is done using the public domain "libcppotp" library from Ondřej Hošek at https://github.com/RavuAlHemio/cpptotp. Thanks very much for that.