TOTP for 2FA is incredibly easy to implement. So what’s your excuse?
Time-based one-time passwords (TOTP) are one of the more secure approaches to 2FA
— certainly much better than SMS. They are also much easier to implement than
SMS. The algorithm is as follows:
- Divide the current Unix timestamp by 30, discarding the remainder
- Encode it as a 64-bit big-endian integer
- Write the encoded bytes to a SHA-1 HMAC initialized with the TOTP shared key
- Let offs = hmac
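The steps above carried through in Python, as an added example rather than the post's own code: it goes beyond the listed steps to the full RFC 4226 dynamic truncation and adds a verifier that uses a constant-time compare, tolerates one step of clock drift, and rejects reuse of an already-accepted counter. The secret is the RFC 4226/6238 test-vector key, a constructed value for testing only.

```python
import hashlib
import hmac
import struct
import time


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter,
    then dynamic truncation to `digits` decimal digits."""
    msg = struct.pack(">Q", counter)               # 64-bit big-endian counter
    digest = hmac.new(key, msg, hashlib.sha1).digest()
    offs = digest[-1] & 0x0F                       # low nibble of last byte selects the window
    code = struct.unpack(">I", digest[offs:offs + 4])[0] & 0x7FFFFFFF
    return f"{code % (10 ** digits):0{digits}d}"   # keep leading zeros


def totp(key: bytes, now=None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: the HOTP counter is the Unix time divided by `step`."""
    if now is None:
        now = int(time.time())
    return hotp(key, now // step, digits)


def verify_totp(key: bytes, code: str, now=None, step: int = 30,
                digits: int = 6, window: int = 1, last_counter: int = -1):
    """Return the matching counter if `code` is valid for a step within
    +/- `window` of the current one and newer than `last_counter`, else None.
    The caller persists the returned counter per user so the same code
    cannot be replayed within its validity window."""
    if now is None:
        now = int(time.time())
    current = now // step
    for c in range(current - window, current + window + 1):
        if c <= last_counter:                      # already consumed: refuse replay
            continue
        # compare_digest avoids leaking the position of the first mismatch
        if hmac.compare_digest(hotp(key, c, digits), code):
            return c
    return None


if __name__ == "__main__":
    # RFC 6238 Appendix B test key (constructed for testing; never reuse in production)
    SECRET = b"12345678901234567890"
    print(totp(SECRET, now=59), totp(SECRET, now=1111111109, digits=8))
```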