Stack Overflow
Stack Overflow

Questions tagged [totp]

Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.

Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.

TOTP is based on HOTP with a timestamp replacing the incrementing counter.

The current timestamp is turned into an integer time-counter (TC) by defining the start of an epoch (T0) and counting in units of a time interval (TI).

Wiki: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm

172 questions
3
votes
1 answer

TOTP : Do the seconds count?

On device: If a TOTP is generated now, does it go until the final seconds or does it do it rounded off to the nearest 00? For example, if I generate a TOTP at 22hr:30m:2s:33ms (checked in UTC) is it rounded off to 22hr:30m:0s:00ms and then…
user165242
  • 1,379
  • 2
  • 12
  • 18
2
votes
1 answer

Generating OTP from Secret Key For MultiFactorAuthentication in Python

I noted down the secret key from the platform where I am trying to signin and then scanned the code through Microsoft Authenticator Application. Now I am trying to get the same otp using python libraries like pyotp, otpauth, onetimepassword like I…
Shishank
  • 43
  • 5
2
votes
1 answer

Setting up TOTP MFA with a QR Code using amazon-cognito-identity-js

Issue: I am having difficulty implementing use case 27 from the amazon-cognito-identity-js library, specifically in trying to modify it to use a QR Code. I am able to receive the secret code from "associateSoftwareToken", translate it into a QR…
codiana
  • 39
  • 7
2
votes
1 answer

Azure B2C custom policy Auth app - totpIdentifier issue

I have created a custom policy to use the Authenticator App from the following example code: https://github.com/azure-ad-b2c/samples/blob/master/policies/totp/policy/TrustFrameworkExtensions_TOTP.xml The issue I am having is that it will sign up a…
366Cobra
  • 29
  • 4
2
votes
0 answers

Cannot find any information on 9-digit decimal TOTP key

Long story short, I'm trying to create a front-end for a 2FA app in Python and I encountered something strange. Typical TOTP keys are base-32 numbers with 16 or 32 digits, but one of the accounts I was testing instead has a 9-digit decimal key (for…
64_Tesseract
  • 53
  • 5
2
votes
1 answer

Azure B2C Custom Policy: How do you reset the TOTP settings in the event that a user lost access to there authenticator app?

In my custom policy I used the example here: https://github.com/azure-ad-b2c/samples/tree/master/policies/totp I have TOTP working, but I want to make sure I will be able to reset it if a user doesn't have access to their authenticator app…
Derek J.
  • 1,400
  • 1
  • 14
  • 23
2
votes
1 answer

why my code doesn't generate the same OTP like google authenticator?

someone know why this TOTP code doesn't generate the same OTP like google authenticator??? the SHA1-HASH function is working well, it's just the final OTP that dosen't generated correct. I tried to check everything and I couldn't find where my…
daniel danino
  • 21
  • 3
2
votes
1 answer

How to Handle 26-Byte Secret for Time-based One Time Password?

Secret of Time-based One Time Password are usually 16-byte base32 encoded string. e.g. GitHub 2FA. But for some scenario, it has 26 bytes long. e.g. Tutanota OTP. Often in lower case with whitespaces, like: vev2 qjea un45 3sr4 q4h3 ais4 ci I tried…
Hsin-Yuan Huang
  • 43
  • 4
2
votes
3 answers

Django OTP TOTP - how to display QR code in template

I have successfully implemented two-factor-auth package to my web app however I would like to display QR code to a template when a user is logged in but am unable to do so as it stands. This package uses wizard forms and when a user is prompted to…
rob
  • 143
  • 1
  • 9
2
votes
1 answer

There is some problem in otp verfication with pytotp?

I am using pytotp with flask. Here is my basic code @app.route('/get-otp-secret',methods=['POST']) def getOTPSecret(): return make_response(jsonify(generate_otp_secret()),201) @app.route('/verify-otp',methods=['POST']) def verifyOTP(): …
Shivank Anchal
  • 21
  • 3
2
votes
1 answer

Add 2FA or OTP (via e-mail) to Laravel Fortify 2FA via Authenticator App

I am using Laravel 8.x with Fortify and Jetstream/Livewire with 2FA / OTP turned on: config/fortify.php 'features' => [ Features::registration(), Features::resetPasswords(), Features::emailVerification(), …
SScotti
  • 2,158
  • 4
  • 23
  • 41
2
votes
1 answer

How to auth VPN with Azure AD MFA using TOTP?

I want to auth VPN with Azure AD MFA. I have followed the instructions in the link https://learn.microsoft.com/en-gb/azure/active-directory/authentication/howto-mfa-nps-extension-vpn It works by push notify to the Microsoft authenticator…
Lóng Lực
  • 76
  • 5
2
votes
1 answer

pyotp.TOTP code doesn't match authenticator code

I'm trying to use python's support for TOTP to programmatically get the MFA/2FA code available in the Microsoft authenticator application. My code looks like this: import pyotp import base64 secret = "mysecretkeyhere".encode( "UTF-8" ) b32Secret =…
webdev
  • 21
  • 4
2
votes
2 answers

Why does Cypress skip certain commands

The below test is supposed to scan and authenticate a QR code and use the authentication token received. The last two command(.type) is being skipped. Does anyone have an idea why? I have been stuck here for some time already. getUrlVars is a…
honzaB
  • 33
  • 3
2
votes
1 answer

How to solve the problem of "Access Denied: Invalid token, wrong code"?

A recent school project I was assigned has a coding challenge we have to complete. The challenge has multiple parts, and the final part is uploading to a private GitHub repo and submitting a completion request by making a POST request under certain…
Bug
  • 21
  • 1
  • 4
1
2
3
11 12