Stack Overflow
Stack Overflow

Questions tagged [totp]

Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.

Time-based One-Time Password algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time.

TOTP is based on HOTP with a timestamp replacing the incrementing counter.

The current timestamp is turned into an integer time-counter (TC) by defining the start of an epoch (T0) and counting in units of a time interval (TI).

Wiki: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm

172 questions
1
vote
2 answers

Otp verification in react native

I want to implement auto-fill otp in my react native app. I have implemented this using "react-native-otp-verify" but it requires hash to capture otp. I have found several other packages for this. All of them require a hash code in the sms to be…
Prince Yadav
  • 61
  • 6
1
vote
0 answers

How to secure a mobile App with sms otp and keycloak?

I have the requirement to secure a flutter mobile App with SMS otp as 2FA. We use keycloak as auth server and oidc. I already created a Sms auth spi that implements the flow for Browser flow. Is it also possible to use otp with another flow? I know…
FishingIsLife
  • 1,972
  • 3
  • 28
  • 51
1
vote
2 answers

Using 2FA authentication with classic ASP always returns an invalid response

I'm using this code from GitHub https://github.com/as08/ClassicASP.TwoFactorAuthentication I downloaded the demo site, installed what I needed on the server and everything works perfectly. The demo site has a lot of code so I broke it down into the…
Damien
  • 4,093
  • 9
  • 39
  • 52
1
vote
1 answer

Match the entered OTP with the Generated OTP in ASP.NET Core MVC

I'm building an ASP.NET Core MVC Application in which when the user clicks on "Generate OTP" then a 4 digit OTP is shown to him on the screen and then he has to enter that OTP in an input field and click "Submit OTP" tp submit it. If the OTP is…
Kamran Bajwa
  • 39
  • 2
  • 10
1
vote
1 answer

Is there a way to generate a HOTP with time limitation?

For example, I want to get a HOTP that can only be used in 10 minutes. Not TOTP cause it's possible that when users get the code there are only 10 seconds left.
AkiraVoid
  • 61
  • 8
1
vote
2 answers

Keycloak OTP for read only federated users

I have implemented a custom user storage provider for federating users from our database. I want to manage OTP for those users via keycloak, when I set the OTP to required in the flow and Configure OTP as required action the otp form is shown after…
simonC
  • 4,101
  • 10
  • 50
  • 78
1
vote
0 answers

Openvpn Decode/separate the Static Challenge format for use with PAM

I've inherited an application environment in which users are required to authenticate via Tunnelblick from their Macbooks. There is an Ubuntu box that is dedicated to running OpenVPN Server, version: OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)]…
adevopsperson
  • 11
  • 1
1
vote
0 answers

How to use TOTP codes for NGINX authentication?

I have a very basic NGINX configuration (I've removed the irrelevant parts of the config): events { } http { include /etc/nginx/mime.types; server { listen 80 default_server; server_name _; …
cocomac
  • 518
  • 3
  • 9
  • 21
1
vote
1 answer

How to setup AWS Cognito TOTP MFA?

I am trying to setup MFA authentication using AWS Cognito as a small proof of concept for a work project. I have managed to get username & password with a MFA code sent via SMS working fine. Struggling to get the TOTP method which is shown in use…
dynamo
  • 184
  • 13
1
vote
0 answers

keycloak admin-cli login with OTP

I'm currently using keycloak 15.0.1 keycloak container and i'm trying to configure the TOTP authentication (google authenticator) for the admin account in the default master realm. For this question purpose, i'll be using a local container. The…
Cedric Guindon
  • 354
  • 1
  • 12
1
vote
0 answers

How can I authenticate a user on a device with no internet, using a QR code/mobile device?

I'm trying to design a solution to replace hardware keys. I have an application running on a device that will not have internet access, so it cannot authenticate itself, but could generate a QR code with url parameters that points to a web app that…
cjk94
  • 11
  • 3
1
vote
0 answers

infobip api integration for 2FA in node.js

How to use 2FA (getting an otp during signup) using infobip in node.js? I have to use infobip during signup process by which user will get OTP and verify its mobile number.
Swati Dixit
  • 43
  • 4
1
vote
1 answer

AWS Amplify/Cognito- a way to set TOTP MFA on first time user login only

I'm setting up an authentication where MFA is not optional, which means from the very first login attempt after registration, the user will be asked to set up MFA (in this case I will be using Time Based One Time Passcode, or TOPT). For this, I can…
Abhishek Tirkey
  • 435
  • 1
  • 6
  • 12
1
vote
0 answers

AWS Cognito: After new user logs in with temporary, use SOFTWARE_TOKEN_MFA

I've created a user pool for our development environment, wherein I've made MFA required. Then I create a new user using AdminCreateUser where I pass the phone_number and email of the user. The problem I'm facing is only during e2e Cypress tests.…
abhim
  • 1,126
  • 1
  • 9
  • 19
1
vote
1 answer

How to implement optional two factor authentication with passportjs

I have implemented an API in Express with passportjs local strategy for authentication, now I would like to enforce security by adding the possibility for the user to log in using two factor authentication, for that it exists passport-totp strategy,…
user2968425
  • 33
  • 4
1 2 3
11 12