You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm implementing TOTP using the TotpSecurityStampBasedTokenProvider and couldn't figure out why it wasn't working with Google Authenticator.
While debugging I noticed that TotpSecurityStampBasedTokenProvider uses a fixed timestep of 3 minutes while google authenticator has a default set to 30 seconds. This difference causes the algorithm to generate different codes. It can not be modified in any way either.
It'll be nice if an option is there to give the time span as parameter
just like we have in Email Confirmation Tokens but for PhoneNumberToken its by default 3 minutes
so would it be possible to make it a parameter ?
just like
I'm implementing TOTP using the TotpSecurityStampBasedTokenProvider and couldn't figure out why it wasn't working with Google Authenticator.
While debugging I noticed that TotpSecurityStampBasedTokenProvider uses a fixed timestep of 3 minutes while google authenticator has a default set to 30 seconds. This difference causes the algorithm to generate different codes. It can not be modified in any way either.
The Google Authenticator documentation specifies it has the option but it is not taken into account.
How can I resolve this without creating my own provider?
If you like I can create a pull request that allows users to override the currently hardcoded timestep.
The text was updated successfully, but these errors were encountered: