Stack Overflow
Stack Overflow

Questions tagged [totp]

Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.

Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.

TOTP is based on HOTP with a timestamp replacing the incrementing counter.

The current timestamp is turned into an integer time-counter (TC) by defining the start of an epoch (T0) and counting in units of a time interval (TI).

Wiki: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm

172 questions
2
votes
1 answer

"Remember Me" with enabled totp authentication in WSO2 Identity Server doesn't work

I have a running productive WSO2 Identity Server (Version wso2is-5.6.0) and a new clean testing instance (Version 5.9.0) and using identity providers with 2Factor authentication. (basic and totp). When both of them are active, the "rember me"…
FabianOX
  • 23
  • 4
2
votes
1 answer

Using one secret for generating totp vs multiple secrets

I want to use google authenticator and totp algorithm for 2fa on my website. I have 2 questions for generating the QR secret. I planned to use vault to store the secrets to be more secure but my question is there any other way to generate the secret…
taraf
  • 777
  • 2
  • 10
  • 28
2
votes
0 answers

Token-specific claims for 2FA

I am looking to implement my own custom 2FA (TOTP-based, e.g. usable by Google Authenticator and similar apps) for Firebase Authentication (using email/password authentication). Verifying the code is simple. Implement TOTP or use a library in a…
Potassium Ion
  • 2,075
  • 1
  • 22
  • 39
2
votes
1 answer

What OCRASuite value uses 'Protectimus' in OATH Challenge-Response Algorithm?

I have problem with OCRA generation, the client and server need to agree on one or two values of OCRASuite but I can't find any information about OCRASuite on official PROTECTIMUS site.
Waka Waka
  • 95
  • 1
  • 7
2
votes
0 answers

How to save Two Factor Auth TOTP Secret?

I'm currently developing two factor authentication based on totp. For this you have to generate a secret and save it on the server side and on the client-side (usually through the QR code). My Question: How do I store it in the database? My…
Dev0r
  • 193
  • 2
  • 13
1
vote
2 answers

Cannot validate Authy TOTP via Java API

I would like to authenticate my users with the Authy Mobile App and TOTP. I created these two test cases, besed on this guide https://www.twilio.com/docs/verify/quickstarts/totp#verify-a-user I can create a Factor. But no matter what I do, I cannot…
Robert
  • 1,579
  • 1
  • 21
  • 36
1
vote
1 answer

django-two-factor-auth[phonenumbers] got a redundant migration -> psycopg2.errors.DuplicateTable: relation "two_factor_phonedevice" already exists

I'm facing the following database creation table error when spinning up a django project from scratch when I have django-two-factor-auth[phonenumbers] in my requirements. When I run the migrate command, it raises a psycopg2.errors.DuplicateTable…
swiss_knight
  • 5,787
  • 8
  • 50
  • 92
1
vote
0 answers

How to convert Microsoft Authenticator Secret Code for use in other TOTP Applications

Microsoft Authenticator yields an apparent 9-digit base-10 value for its secret code. This format doesn't work with other TOTP applications, which seem to expect Base32 values. Any suggestions for how to convert the authenticator decimal codes into…
ISOAnswers
  • 11
  • 3
1
vote
0 answers

Node js Google Authentication 2 FA Implementation Otp

I want to implement Google 2FA Authentication in node js How can i do this? I used speakeasy js library like below : const qrcode = require('qrcode'); const secret = speakeasy.generateSecret({ name: 'test'//constants.SPEAK_SECRET_CODE }); var…
ilyasg
  • 11
  • 2
1
vote
1 answer

TOTP implementation using C++ and OpenSSL

I am trying to implement TOTP in C++ using OpenSSL. I know there are vast amounts of existing implementations; however, I would like to implement it myself. Currently. I have the following code: bool verifyTOTP(char* code, char* key, int codeLen,…
mbs9
  • 75
  • 8
1
vote
1 answer

Cypress Test to login with keycloak Free OTP or Google Authenticator

as per my understanding we can test the login of user in cypress with OTP by using the package below. https://www.npmjs.com/package/cypress-keycloak. To successfully login I need otp_secret and otp_credential_id below cy.loginOTP({ root:…
Punith kumar
  • 47
  • 6
1
vote
0 answers

Unable to Generate correct TOTP code from Twilio Authy App Node JS

Here is the scenrio, Id like to utilize https://npm.io/package/otplib to generate a TOTP code and verify it with the user input. The issue is that I am unable to generate a code using multiple authy apps that matches the one the totp.generate()…
JavascriptDeveloperMaintwo
  • 33
  • 3
  • 9
1
vote
0 answers

Is it OK for HOTP/TOTP secrets to be stored in plaintext client-side?

I'm trying to implement TOTP in a program that will be run client side. There's a few other questions about storing HOTP/TOTP secrets, but they're about the server-side and aren't completely clear about the client side. Storing any secrets plaintext…
Michael M.
  • 10,486
  • 9
  • 18
  • 34
1
vote
0 answers

Can we verify the last sent OTP in OTP.Net in stateless calls?

I am trying to use OTP.Net to verify login. But I am not quite getting of how to verify the OTP. When I use this code within my one web api method the verify comes true. var totp = new Totp(_otpSecretKey); var totpCode = totp.ComputeTotp(); var…
Pawan Nogariya
  • 8,330
  • 12
  • 52
  • 105
1
vote
1 answer

Issuer label on QR code for 2FA not showing correct value

I am using speakeasy library and qrcode library, to generate an otpauth URL and then transforming it into a QR code, so this can be scanned by an authenticator app for 2FA on my website. I want the authenticator apps to show my website in the…
Dennis
  • 3,044
  • 2
  • 33
  • 52
1 2
3
11 12