Random secret
ardabeyazoglu opened this issue · 1 comments
ardabeyazoglu commented
Hi,
You commented on random secret generation as below:
Interestingly, the easiest way to get truly random key is just to iterate through the base 32 chars picking random
Why do you think that ? You could easily use random_bytes or openssl_random_pseudo_bytes to create crypto secure random strings. If there is no special reason for that, i would suggest an update / pull request, as it could be cleaner and faster to create the key at once.
dochne commented
Because it's getting a random string of base32 characters, not a random string of bytes.