69cc62a931d54a0f8edbf51c33d18ea28dbb1495
HIGH: Previous implementation used 30-second timestamp windows, allowing TOTP codes to be reused multiple times within the same window via concurrent requests or brute force attacks. Changes: - Track individual used codes instead of timestamps - Store last 5 used codes with expiration (90 seconds) - Reduce acceptance window to ±30s (valid_window=1) - Automatically clean up expired codes Security Impact: - Prevents TOTP code reuse attacks - Blocks brute force attempts within time windows - Strengthens 2FA protection significantly Tests: All TOTP tests passing, replay protection verified
Description
Languages
Python
58.2%
Svelte
32.2%
JavaScript
5.6%
Shell
3.3%
Dockerfile
0.3%
Other
0.3%