ASVS Requirement 6.5.3

• Level: 2
• Chapter: V6 Authentication
• Section: V6.5 General Multi-factor authentication requirements
• Source: 0x15-V6-Authentication.md

Description

Verify that lookup secrets, out-of-band authentication code, and time-based one-time password seeds, are generated using a Cryptographically Secure Pseudorandom Number Generator (CSPRNG) to avoid predictable values.