From c000dff08a551fe9c4988fbfb0506c71c9656485 Mon Sep 17 00:00:00 2001
From: David Roetzel <david@roetzel.de>
Date: Fri, 27 Sep 2024 12:05:23 +0200
Subject: [PATCH] Increase length of OTP secret

---
 app/models/user.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index e235591551..26eb47be2e 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -64,7 +64,8 @@ class User < ApplicationRecord
   ACTIVE_DURATION = ENV.fetch('USER_ACTIVE_DAYS', 7).to_i.days.freeze
 
   devise :two_factor_authenticatable,
-         otp_secret_encryption_key: Rails.configuration.x.otp_secret
+         otp_secret_encryption_key: Rails.configuration.x.otp_secret,
+         otp_secret_length: 26
 
   devise :two_factor_backupable,
          otp_number_of_backup_codes: 10