Stack Overflow
Stack Overflow

Questions tagged [one-time-password]

One time passwords are designed as single use passwords which expire after use. They are often more secure than single factor authentication methods such as username-password (something the user knows) due to their single use which makes replay attacks impossible

507 questions
7
votes
1 answer

Using TOTP for keepass database

With OtpKeyProv-Plugin it is possible to lock the database with HOTP-passwords. I'm searching for possibility to lock my database with time-based passwords. It would allow to generate the keys on multiple devices (yubikey, google authenticator..)…
amw
  • 392
  • 3
  • 10
7
votes
3 answers

Mobile app: how to show the OTP my app sends in a popup without leaving my app?

We've had to code an OTP based authentication. I have seen some apps, like my bank's app, which when it sends the OTP also then immediately does a quick popup of the SMS that has just arrived, so I can see the OTP without leaving the app. I just…
PKHunter
  • 642
  • 2
  • 11
  • 24
7
votes
5 answers

how to generate OTP and send the password to mobile via sms

I am doing a project of using OTP for the login of the websites, I have created a button named "Generate" once clicked it will create an OTP and send an SMS via HTTP gateway, then it stores the password in the database. My code to create an OTP and…
Ajai Sandy
  • 107
  • 1
  • 1
  • 11
6
votes
3 answers

Using the same AES key for CBC and ECB

Overview I'm trying to come up with a way for a server and client to be able to generate a unique IV for each request that is both different for every client and yet deterministic. What I mean by deterministic is that the server can calculate the…
rhololkeolke
  • 736
  • 2
  • 7
  • 25
6
votes
3 answers

Is there an Android equivalent of iOS 12's one-time-code auto fill?

I've implemented support in our iOS app for Apple's auto-fill of SMS one-time-codes from messages. As documented, it's trivial - you just set the type to "one time code" on your UITextField and that's all. How to show verification code suggestion on…
Orion Edwards
  • 113,829
  • 60
  • 223
  • 307
6
votes
3 answers

Perfectly random one-time pad for encryption

I need to create a one-time pad to encrypt some data (a few KBs in size). How should I go about generating this one-time pad to avoid all of the pseudo-random problems associated with basic random number generation such as rand()? Is there an…
Petrus Theron
  • 25,051
  • 30
  • 137
  • 263
6
votes
3 answers

HMAC-based one time password in C# (RFC 4226 - HOTP)

I am attempting to wrap my brain around generating a 6 digit/character non case sensitive expiring one-time password. My source is http://tools.ietf.org/html/rfc4226#section-5 First the definition of the parameters C 8-byte counter value, the…
Josh
  • 15,587
  • 25
  • 107
  • 149
6
votes
3 answers

How to move Google Authenticator to a hardware device?

I'm using two-factor authentication based on Google Authenticator and I need to connect the hardware tokens to this system. The problem is that I can’t use standard OTP tokens with the built in secret keys. The 2FA system generates the secret keys…
Alexey Nikitenko
  • 1,889
  • 1
  • 18
  • 30
6
votes
1 answer

Google Authenticator code does not match server generated code

Background I'm currently working on a two-factor authentication system where user are able to authenticate using their smartphone. Before the user can make use of their device they need to verify it first. For this they need to scan a QR code I…
Bono
  • 4,477
  • 6
  • 43
  • 76
6
votes
3 answers

How to populate OTP from user's message box to application directly in iPhone?

I am working on an internet trading application with its mobile and iPhone applications available. With the recent market trend, we are working on including two-factor authentication. For that, we will be sending a one-time password as a sms on…
Yasha
  • 163
  • 1
  • 4
  • 13
5
votes
4 answers

Can I Auto read OTP on Mobile Browsers?

I am working on auto reading a login OTP on a mobile browser. My web application is built in Angular 7. Once the user clicks on login, an OTP is sent via AWS to the user's mobile with a 6 digit code. I have looked up Google's SMS Retriever API but…
Varun Joshi
  • 439
  • 4
  • 21
5
votes
5 answers

Temp file that exists only in RAM?

I'm trying to write an encrpytion using the OTP method. In keeping with the security theories I need the plain text documents to be stored only in memory and never ever written to a physical drive. The tmpnam command appears to be what I need, but…
Auraomega
  • 247
  • 5
  • 11
5
votes
2 answers

Google OTP Generation Java

I am currently trying to recreate a Google One Time Password generator. I use a shared secret generated when I setup Google Authenticator. I tried looking into the Google Authenticator sources and all around the internet really and I find a lot of…
Guillaume Wilmot
  • 103
  • 1
  • 9
5
votes
0 answers

Why Use TOTP/HOTP instead of just using math.random()?

I'm trying to add OTP functionality for sign in, in my android app. I'm using node.js for the backend. Now, first I thought about generating random numbers like math.random(). I can easily generate PTPs on my server side and I will store them in my…
aman verma
  • 612
  • 1
  • 7
  • 23
5
votes
10 answers

How to generate OTP Number with 6 digits

What is an OTP number in a login authentication system? Is there any specific algorithm for generating OTP numbers using java (android). Or is an OTP something like random number? How can this be achieved, with optimization.
Android Developer
  • 123
  • 1
  • 1
  • 5
1
2
3
33 34