Is there any reason why the iOS app the NSUserDefaults mechanism to
store the secrets instead of the Keychain? It's not really considered a
good practice to use the former to store secrets.
If there is no strong reason, would a patch that uses the Keychain be
considered for inclusion into a future release?
I recently got a Nexus 6 with the 5.0.1 Lollipop OS. I noticed that when
the application activates the camera, the image is upside down--making
it hard to orient the phone when capturing the QR code.
I am not sure if this is a design choice or a bug, but wanted to call it
to the attention of the developers in case it is unintentional.
Imagine the server I need to authenticate me (running TOTP authentication)
is hosted in the U.S.,California time for example,and I am in Italy
(smartphone clocked to Italy time).How can the TOTP algorithm,apps deal
with this kind of situation (very usual these days of world
traveling).More,today with cloud hosting and pages being served from
changing data centers around the world (different timestamps) how can TOTP
authentication really work?