Stack Overflow
Stack Overflow

Questions tagged [one-time-password]

One time passwords are designed as single use passwords which expire after use. They are often more secure than single factor authentication methods such as username-password (something the user knows) due to their single use which makes replay attacks impossible

507 questions
111
votes
2 answers

Google Authenticator implementation in Python

I am trying to use one-time passwords that can be generated using Google Authenticator application. What Google Authenticator does Basically, Google Authenticator implements two types of passwords: HOTP - HMAC-based One-Time Password, which means…
Tadeck
  • 117,059
  • 25
  • 140
  • 191
46
votes
9 answers

OTP (token) should be automatically read from the message

I am working on an Android App, in which the server sends an OTP and the user needs to enter this OTP in the App, to SignUp for my App. What I want is, that my App should be able to automatically read the OTP sent by the server. How can I achieve…
user1903022
  • 995
  • 1
  • 10
  • 19
41
votes
12 answers

Automatic OTP verification in iOS?

Is there any way to access data from iPhone inbox(SMS) to ios application to do automatic OTP verification like the one in Android? I shall be grateful for your help.
Rinshad Kammath
  • 411
  • 1
  • 4
  • 3
35
votes
2 answers

How Do Hardware Token Devices work?

Recently, my bank sent me this tiny device that generates a unique code that must be used when performing online transactions, all the device does is generate this unique code when I press a particular white button and it doesn't look like it…
Feyisayo Sonubi
  • 982
  • 4
  • 14
  • 26
19
votes
4 answers

How to auto fetch OTP, if we use multiple text fields

I know that if we want to auto fetch the OTP(if we use single textfield) we need to use otpTextField.textContentType = .oneTimeCode But, If we use multiple textfield(According to following image) how should we achieve this ?
Bhanuteja
  • 579
  • 2
  • 4
  • 16
16
votes
1 answer

Generate a 10-digit TOTP password with a certain key

This problem is related to TOTP as specified in RFC6238 here: https://tools.ietf.org/html/rfc6238#section-1.2. I am to implement the RFC6238 to generate a 10-digit TOTP password, which will be used in a POST request later on. The sample input and…
Nicholas Sadjoli
  • 195
  • 1
  • 1
  • 10
14
votes
4 answers

Generate secret code for password reset

I'm doing a module which allow users to reset password. I noticed how most websites they provide a confirmation link which contain query string that has a unique hash. My question is: How can I generate this unique hash each time the same user…
chrizonline
  • 3,969
  • 15
  • 53
  • 91
13
votes
2 answers

RFC4226 HOTP Java Implementation

I tried to copy the HOTPAlgorithm.java codes (HOTPAlgorithm.java) and compared it against the official HOTP RFC 4226's sample implementation (RFC4226 Page 27) found on Page 27 of the official RFC4226 document. Both the HOTPAlgorithm.java and the…
gsunnic
  • 311
  • 3
  • 8
11
votes
2 answers

Autofill OTP to the TextField when I receive message iPhone app

While registering from my app I was sending OTP to the registered mobile number I want to retrieve that OTP in my app without opening SMS app...When the user received OTP message I need to display that OTP here ...How can I achieve this in iOS? I…
user1986984
  • 121
  • 1
  • 1
  • 8
10
votes
3 answers

Generating hash string for google sms retriever api - 'xxd' is not recognized as an internal or external command

After the google's new policy regarding SMS and Call log permissions, I am trying to implement SMS retriever API for my android application. The tutorial seems easy but I found a problem while creating/generating hash for the same. When I…
Khan Sharukh
  • 761
  • 9
  • 19
10
votes
3 answers

Android one time password (OTP) user registration/opening account

I want to implement OTP functionality in my android application. In this application, after signup user will receive one time password key. After verifying OTP, user will be able to register/open account successfully by using that OTP. What i need…
sachin110011
  • 137
  • 1
  • 2
  • 6
9
votes
1 answer

How to implement two factor auth in Web API 2 using ASP.NET identity?

I have seen this link Two Factor Auth using goolgle authenticator on how to create a two factor authentication in web api, but my requirements are little different. I want to use two factor authentication for issuing an access token. (If the user…
Anand Murali
  • 3,902
  • 1
  • 27
  • 43
9
votes
2 answers

Authorizing a computer to access a web application

I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this…
moribvndvs
  • 40,946
  • 9
  • 129
  • 143
8
votes
2 answers

TOTP Base32 vs Base64

Every TOTP implementation (even FreeOTP by RedHat) I find uses Base32 encoding/decoding for it's generated secret. Why is Base64 not used, since Base32 uses roughly 20 % more space and its main advantage is, that it is more human-readable? It is not…
Leth
  • 81
  • 1
  • 3
8
votes
0 answers

Yesod.Auth - how to require second-factor authentication?

I'm currently building a personal website in Yesod 1.4.5, and at the moment I'm implementing authentication. Authenticating with a username and password was easy enough - I used Yesod.Auth.HashDB - but as I'm quite security-conscious I'd like to…
00dani
  • 1,448
  • 15
  • 17
1
2 3
33 34