totp to expire with step config after generation
surajk-TDM opened this issue · comments
Currently we observed that, whenever we generate a totp, the step config configured (say 30 seconds) . The totp expires on the 30th second. say if XXXXXX is totp generated at 12:00:15, expires at 12:00:30. Instead , totp generated at 12:00:15 to be expired at 12:00:45.
The Time-Based Algorithms work this way. It doesn't mean that the code's 30-second life starts from the time when it is generated. It means that it complies with the 30-second TOTP RFC 6238 algorithm. Otherwise, you would not have been able to generate the same time-based codes in different devices as they had been generated at different times.
The Time-Based Algorithms work this way. It doesn't mean that the code's 30-second life starts from the time when it is generated. It means that it complies with the 30-second TOTP RFC 6238 algorithm. Otherwise, you would not have been able to generate the same time-based codes in different devices as they had been generated at different times.
You mean in that case any generated totp within 12:00 and 12:30 (excluded) will expire at 12:30 ?
@Lerado correct!
@Lerado correct!
Thank you ! According to the RFC it's recommended to consider having an acceptable delay of transmission that could be considered valid. At most one time-step backwards is recommended.
So considering T1 and T2 two consecutive timesteps, any token generated within T1 but checked with T2 could be considered valid according to RFC 6238.