Bump secret key length to 32rs-manual-2fa-entry

3 files changed, 3 insertions, 3 deletions

diff --git a/app/controllers/profiles/two_factor_auths_controller.rb b/app/controllers/profiles/two_factor_auths_controller.rb
index 17abcea2068..42579b3eb44 100644
--- a/app/controllers/profiles/two_factor_auths_controller.rb
+++ b/app/controllers/profiles/two_factor_auths_controller.rb
@@ -1,7 +1,7 @@
 class Profiles::TwoFactorAuthsController < Profiles::ApplicationController
   def new
     unless current_user.otp_secret
-      current_user.otp_secret = User.generate_otp_secret(16)
+      current_user.otp_secret = User.generate_otp_secret(32)
       current_user.save!
     end
 
diff --git a/spec/controllers/profiles/two_factor_auths_controller_spec.rb b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
index b7e8583523b..65415f21e55 100644
--- a/spec/controllers/profiles/two_factor_auths_controller_spec.rb
+++ b/spec/controllers/profiles/two_factor_auths_controller_spec.rb
@@ -12,7 +12,7 @@ describe Profiles::TwoFactorAuthsController do
     let(:user) { create(:user) }
 
     it 'generates otp_secret for user' do
-      expect(User).to receive(:generate_otp_secret).with(16).and_return('secret').once
+      expect(User).to receive(:generate_otp_secret).with(32).and_return('secret').once
 
       get :new
       get :new # Second hit shouldn't re-generate it
diff --git a/spec/factories.rb b/spec/factories.rb
index 0f353b842ff..e66ea3ce956 100644
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -31,7 +31,7 @@ FactoryGirl.define do
     trait :two_factor do
       before(:create) do |user|
         user.otp_required_for_login = true
-        user.otp_secret = User.generate_otp_secret(16)
+        user.otp_secret = User.generate_otp_secret(32)
       end
     end