Performance Issues with DefaultSecretGenerator #62
Description
Hi,
We are seeing performance bottlenecks with the TOTP library secrets generation. We are using single instance of DefaultSecretGenerator for generating the secrets in the application
The implementation of DefaultSecretGenerator is using SecureRandom for generating the strong cryptographic random number. Even though the SecureRandom ensures threadsafe, it can potentially induce bottlenecks/latency on large loads
Is the recommendation to use new instance of DefaultSecretGenerator for every request or maintain a pool of DefaultSecretGenerator? Or is this the above theory incorrect?