If you discover a security vulnerability in pgp-2fa, please report it responsibly by emailing the repository owner directly rather than opening a public issue.
Include as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will acknowledge your report within 72 hours and work with you to understand and address the issue before any public disclosure.