Setting timeout to passcode

Question

Setting timeout to passcode

AjayPara opened this issue 6 years ago · comments

How can we restrict the passcode's lifetime?
I am trying it by using the setTimeStepSizeInMillis method but it doesn't seem to be working.
Can anyone help me with this?

Axay · Answer 1 · Wed Nov 20 2019 17:07:54 GMT+0800 (China Standard Time)

Try this

// config builder
GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder builder = new GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder()
                .setCodeDigits(8)
                .setTimeStepSizeInMillis(TimeUnit.SECONDS.toMillis(60L))
                .setSecretBits(80);
        
// config
GoogleAuthenticatorConfig config = builder.build();
        
// google authenticator
GoogleAuthenticator googleAuthenticator = new GoogleAuthenticator(config);

Enrico Maria Crisostomo · Answer 2 · Mon Mar 02 2020 19:15:58 GMT+0800 (China Standard Time)

Yes, the 'lifetime' of a passcode is called step size in the TOTP RFC.