IRD 2FA Security

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.

Forums › Finance and wealth management › IRD 2FA Security

openmedia

3471 posts

Uber Geek
+1 received by user: 888

Trusted

#320284 26-Jul-2025 15:15

So I just got hit with the new IRD 2FA requirement and FreeOTP under Android rejects their QR code as the security requirements are too low.

Anyone else seen this?

Generally known online as OpenMedia, now working for Red Hat APAC as a Technology Evangelist and Portfolio Architect. Still playing with MythTV and digital media on the side.

openmedia

3471 posts

Uber Geek
+1 received by user: 888

Trusted

#3397301 26-Jul-2025 15:20

So it will load in Bitwarden, but is considered weak by FreeOTP.

Generally known online as OpenMedia, now working for Red Hat APAC as a Technology Evangelist and Portfolio Architect. Still playing with MythTV and digital media on the side.

snj

310 posts

Ultimate Geek
+1 received by user: 224

#3397308 26-Jul-2025 16:28

Hadn't noticed because it was accepted by the Yubikey apps and Bitwarden, but looks like FreeOTP is correct, the IRD OTP key is only 10 bytes long (so 80 bits), versus the standard 20 (160 bits) and minimum recommended 128 bits - https://www.rfc-editor.org/rfc/rfc4226.html#section-4 (R6)

Backtracked through the FreeOTP code to find the reason, but yeah seems poor form of IRD.

lxsw20

3710 posts

Uber Geek
+1 received by user: 2190

Subscriber

#3397310 26-Jul-2025 16:46

Didn't even know they had MFA, so thanks for the heads up.

muppet

2666 posts

Uber Geek
+1 received by user: 1684

Trusted

#3397312 26-Jul-2025 17:03

I was really impressed recently because they let me add my Yubikeys as 2FA tokens. i.e. they support Passkeys/FIDO

News and reviews »

Synology Expands All-Flash Enterprise Storage Lineup with FS6420 and FS3420
Posted 7-May-2026 13:39

TVNZ+ Launches FIFA World Cup 2026 Event Pass
Posted 4-May-2026 08:36

Cricut Joy 2 Review
Posted 28-Apr-2026 15:41

Amazon Launches New Fire TV Stick HD and Fire TV Stick 4K Select
Posted 22-Apr-2026 08:45

Dyson Clean+Wash Hygiene Floor Cleaner Review
Posted 17-Apr-2026 14:40

Blink Outdoor 2K Security Camera Review
Posted 17-Apr-2026 10:28

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright