![]() Agree upon a cryptographic hash method (default is SHA-1).Agree upon an epoch, T0, and an interval, TI, which will be used to calculate the value of the counter C (defaults are the Unix epoch as T0 and 30 seconds as TI).Generate a key, K, which is an arbitrary bytestring, and share it securely with the client.Implement this algorithm using HMAC-SHA1 and an optional step is to generate the random Base-32 string used as the secret key, but this is not a requirement.Ī reference implementation, based on JavaScript, can be found at the following location:Īccording to RFC 6238, the reference implementation is as follows: It is the cornerstone of Initiative For Open Authentication (OATH) and is used in a number of two factor authentication systems.Įssentially, both the server and the client compute the time-limited token, then the server checks if the token supplied by the client matches the locally generated token. ![]() (See links for details on variance)Ī Time-based One-time Password Algorithm (TOTP) is an algorithm that computes a one-time password from a shared secret key and the current time. As with Rosetta Code, the text of Wikipedia is available under the GNU FDL. The list of authors can be seen in the page history. The original article was at Time-based one-time password algorithm. It is not yet considered ready to be promoted as a complete task, for reasons that should be found in its talk page. Time-based one-time password algorithm is a draft programming task.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |