From 1b36ac6950e08aeea6e8396c469fa3b4bff927f6 Mon Sep 17 00:00:00 2001
From: Clar Charr <clar@charr.xyz>
Date: Wed, 20 Jun 2018 20:06:32 -0400
Subject: [PATCH] Increase default TOTP secret size to 320 bits

---
 routers/user/setting/security_twofa.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/routers/user/setting/security_twofa.go b/routers/user/setting/security_twofa.go
index 55101ed1a4895..cb61b9e270258 100644
--- a/routers/user/setting/security_twofa.go
+++ b/routers/user/setting/security_twofa.go
@@ -76,6 +76,7 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
 	if otpKey == nil {
 		err = nil // clear the error, in case the URL was invalid
 		otpKey, err = totp.Generate(totp.GenerateOpts{
+			SecretSize:  40,
 			Issuer:      setting.AppName + " (" + strings.TrimRight(setting.AppURL, "/") + ")",
 			AccountName: ctx.User.Name,
 		})