HOTP token changes too fast
42 views
Skip to first unread message
Itaios
May 10, 2016, 4:48:16 AM5/10/16
to privacyidea
Hi
I managed to integrate privacyidea with AD and enroll HOTP tokens in google authenticator flawlessly
However the token generates new code every 10 SECONDS!
This is too fast for the end users to read and type.
How can I configure the new token to change the code every 1 minute?
Thanks
Cornelius Kölbel
May 10, 2016, 4:52:56 AM5/10/16
to priva...@googlegroups.com
HOTP is event based, not time based.
Read RFC4226 and RFC6238, think about it and ask the right question. ;-)
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/e8b51914-71d7-455f-a3c3-89f4101f240c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Read RFC4226 and RFC6238, think about it and ask the right question. ;-)
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/e8b51914-71d7-455f-a3c3-89f4101f240c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Itaios
May 10, 2016, 4:58:26 AM5/10/16
to privacyidea
So what it is the event that trigger the token changes?
in other word - do i have any config file that can handle this ? or this is the default and cannot be changed?
Cornelius Kölbel
May 10, 2016, 6:05:48 AM5/10/16
to priva...@googlegroups.com
You are giving way to few information here and I think you are mixing
some things up here.
An HOTP token will not change at all.
The Google Authenticator does not change a TOTP in 10sec. I am not sure
if it can. You should ask a Google Authenticator Mailing list - we are
not responsible for this.
You can however post a QR Code here, so that we get an idea, what in
fact you are enrolling.
> https://groups.google.com/d/msgid/privacyidea/84812a35-2a7b-4d53-9d02-a9beac668d86%40googlegroups.com.
some things up here.
An HOTP token will not change at all.
The Google Authenticator does not change a TOTP in 10sec. I am not sure
if it can. You should ask a Google Authenticator Mailing list - we are
not responsible for this.
You can however post a QR Code here, so that we get an idea, what in
fact you are enrolling.
Itaios
May 10, 2016, 6:59:19 AM5/10/16
to privacyidea
Hi Cornelius
Eventually I switched TOTP token
thanks !
Reply all
Reply to author
Forward
0 new messages