User talk:Brad Linden/Login MFA

From Second Life Wiki
Revision as of 03:44, 9 February 2022 by Henri Beauchamp (talk | contribs) (Created page with "Greetings Brad. I am backporting the MFA support to my viewer (the Cool VL Viewer) which, being a v1 viewer, does things differently to LL's viewer and TPVs based on it. Noth...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Greetings Brad. I am backporting the MFA support to my viewer (the Cool VL Viewer) which, being a v1 viewer, does things differently to LL's viewer and TPVs based on it.

Nothing difficult (*), but I'd like to make sanity checks in my code for the MFA hash I will store (in an LLXORCipher'ed and LLBase64-encoded form) in the user per-account settings (no LLSecAPIHandler in my viewer, and not planing/wanting to backport it). The sanity check is especially useful when retrieving the stored ciphered/encoded hash and decoding/deciphering it.

I therefore need to know whether the MFA hash got a fixed size or not, and if yes, what size it is; is it a MD5 or SHA1 hash, for example ?

So, if you could add details to the API specs about it, it would be great. :-)

Thank you in advance !

(*) If we except the fact that I do not own a smartphone and will not be able to even test my code !... Could we please get (at least on Aditi, for example) simple (plain text) email-based MFA so that viewer developers (I know that at least NiranV is in the same case as myself) can test the feature with their implementation without the need for a smartphone or any other third party device/application ?