Difference between Authy and generated code.

BastiaanJansen / otp-java

A small and easy-to-use one-time password generator library for Java implementing RFC 4226 (HOTP) and RFC 6238 (TOTP).

MIT License

186 stars 30 forks source link

Difference between Authy and generated code. #62

Closed aminecmi closed 2 years ago

aminecmi commented 2 years ago

Hi,

I'm trying to build my own OTP app using your library, and I'm using my current app (Authy) to check if the codes are the same.

Parsing the OTPAuth URI gives a different code from what Authy returns. I even tried building the TOTP from scratch using the URI content, and trying the different algorithms, but I never had the same code.

What would be the issue here (if it is an issue) ?

Thanks.

aminecmi commented 2 years ago

For anyone interested, the OTPAuth URI generated contained a duration of 10s, yet Authy was using 30s periods.

Changing the period to 30s fixed my issue.