Hello,What does the Skew parameter mean?
nfhh opened this issue · comments
nfhh commented
Hello ,What does the Skew parameter mean?
Kumo commented
When Skew is 1 (actually, the default value for this library is 1), authentication will check the valid time range of the OTP, both before and after the current period, which means that the OTP password is still valid after the present period (e.g. period is 30 seconds, and the valid time range is [Before(30s) ~ Present(30s) ~ After(30s)]).
I recommend using ValidateCustom() which allows you to manually set the Skew to 0.
https://github.com/pquerna/otp/blob/master/totp/totp.go#L102-L109
counters = append(counters, uint64(counter))
for i := 1; i <= int(opts.Skew); i++ {
counters = append(counters, uint64(counter+int64(i)))
counters = append(counters, uint64(counter-int64(i)))
}