Have you considered cryfs?
First of all, let's recap how TOTP works: your authenticator app stores "TOTP password" in an accessible way (some apps store it plaintext, Aegis stores them in an encrypted DB. They can also be stored on Yubikey.). To generate one time code, the app takes the password, concatenates it with current time rounded to 30 seconds and compute a hash from this string.
The resulting hash is used to create a 6 digit code, that you'll enter on login.
To check the code, server repeats the same procedure and compare your result with the just generated one.
As you can see, for this system to work you and the server must use the same hash function.
Conclusion: 1)Hash function in TOTP has nothing to do with password storage, it is used only for TOTP-code generation. 2) Cryptographic security of the hash function is not much a concern here: TOTP code expose an extremely low amount of information about TOTP password, so to reliably recover the password from TOTP-codes you'll have to intercept millions of them.
Legacy systems modernization is a topic that never gets old. We talk to Vadim Zaytsev of Raincode & Raincode Labs to learn how Raincode uses language engineering techniques to save banks millions of dollars that they spend to run their COBOL and PACBASE systems. Listen to find out: What drives compa...
Dr. Vadim Zaytsev a very famous researcher among insiders in the area of software renovation somewhat recently gave an interview to Federico Tomassetti a pretty famous software consultant in the narrow circles of DSL development and legacy systems migrations. (Taken from https://t.me/al_tch)
Geph were not mentioned yet. It will likely not solve the problem mentioned by OP, but it is VERY censorship resistant.
Polylux: a typst presentation package
A package for creating slides in Typst. Contribute to andreasKroepelin/polylux development by creating an account on GitHub.
