/**
* Generates a (semi-)random Secret Key for TOTP generation
*
* @return string
*
* @note Since 3.9.25 we use the secure method "random_bytes" over the original insecure "rand" function.
* The random_bytes function has been backported to outdated PHP versions by the core shipped library paragonie/random_compat
*/
public function generateSecret()
{
$secret = random_bytes($this->_secretLength);
return $this->_base32->encode($secret);
}