Mixing Software and Hardware tokens?

70 views
Skip to first unread message

Martin Martinec

unread,
Jan 22, 2013, 5:36:56 PM1/22/13
to rcdevs-t...@googlegroups.com
Hi,

We have purchased the C200 hardware tokens, that have a 60 second refresh on them. I have changed this in the OpenOTP setup, but this has broken the Google App, as the refresh rate there is 30 seconds.
Is there a way to mix and match? Or do I need to find a software token that has 60 second refresh?

Thanks in advance

M.

Administrators

unread,
Jan 23, 2013, 1:38:53 AM1/23/13
to RCDevs Security Solutions - Technical
It's an issue on the Google Authenticator which does not respect OTP
length different than 6 and time step different than 30 (when these
parameters are passed in the registration QR). It is supposed to be
supported and documented but it is noted not implemented. So they will
correct this I suppose.

Is it two tokens on the same user or on different users?
If on different users, then you can set the TimeStep per user. Edit
the user and click the "Edit Application Settings" or "Add Settings".
Any Setting in WebADM can be adjusted per user.

If it's on the same user, I propose you to register the GA with HOTP
(event-based). Then your user will have both a Feitian TOTP token and
a GA HOTP software Token. That will work.

On Jan 22, 11:36 pm, Martin Martinec <martin.marti...@gmail.com>
wrote:

Martin Martinec

unread,
Feb 26, 2013, 9:40:38 PM2/26/13
to rcdevs-t...@googlegroups.com
Thanks for the reply.
 
I have eventually located a software token that is compatible with the C200 hardware tokens.
In case anyone else needs this, we are now using the Android Token for Android phones and OATH token for the iPhone
 
Thanks again
 
M.
Reply all
Reply to author
Forward
0 new messages