google / google-authenticator-android

Open source fork of the Google Authenticator Android app
https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2
Apache License 2.0

Codes complications #96

Closed vzhilov closed 5 years ago

vzhilov commented 5 years ago

Hi, I would like to fork the app to make it generate longer codes of 8-16 characters including digits and letters (or even a few words). Do you see it as easy to do based on this code, or is it better to start from scratch?

ThomasHabets commented 5 years ago

From RFC4226:

R4 - The value displayed on the token MUST be easily read and entered
   by the user: This requires the HOTP value to be of reasonable length.
   The HOTP value must be at least a 6-digit value.  It is also
   desirable that the HOTP value be 'numeric only' so that it can be
   easily entered on restricted devices such as phones.

It later lists possible extensions including alphanum, but says:

9-digit HOTP value, which is the maximum length of an
   HOTP code supported by the proposed algorithm.

so more than 9 may not be worth it.

But whether it's easy to add to this project or implement from scratch I don't know. Keep in mind that if you go alphanum then the RFC doesn't seem to define the alphabet, so you'll be going off-standard.

Also, standard disclaimer:

FYI: The version in Google Play Store / Apple App store is not the same as this opensource version. They've diverged. This opensource version is also unlikely to end up in the app stores. This open source version doesn't get much love, but I'll accept well-written pull requests. But don't expect this feature to be implemented by Google.
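The 9-digit ceiling quoted above follows from RFC 4226 dynamic truncation keeping only 31 bits of the HMAC output. The sketch below is an added example, not code from this thread or from the project; it uses the RFC 4226 Appendix D test secret, and the function names are illustrative.

```python
import hashlib
import hmac
import struct

SPACE = 2 ** 31  # dynamic truncation keeps 31 bits of the HMAC-SHA-1 output


def dynamic_truncate(secret: bytes, counter: int) -> int:
    """RFC 4226 section 5.3: HMAC-SHA-1 over the 8-byte counter, then a 31-bit extract."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # low nibble of the last byte
    (word,) = struct.unpack(">I", mac[offset:offset + 4])
    return word & 0x7FFFFFFF                     # drop the sign bit


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Decimal HOTP code; lengths outside 6..9 are rejected."""
    if not 6 <= digits <= 9:
        raise ValueError("HOTP codes are 6 to 9 decimal digits")
    return str(dynamic_truncate(secret, counter) % 10 ** digits).zfill(digits)


def _count_below(limit: int, modulus: int) -> int:
    """Number of v in [0, SPACE) with v % modulus < limit."""
    return (SPACE // modulus) * limit + min(SPACE % modulus, limit)


def leading_digit_counts(digits: int) -> list:
    """For each leading digit 0..9, how many truncated values produce it."""
    modulus, step = 10 ** digits, 10 ** (digits - 1)
    return [_count_below((d + 1) * step, modulus) - _count_below(d * step, modulus)
            for d in range(10)]


if __name__ == "__main__":
    key = b"12345678901234567890"  # RFC 4226 Appendix D test secret
    for n in (6, 8, 9):
        print(n, hotp(key, 0, n))
    # A 10-digit code could only ever start with 0, 1 or 2.
    print("10-digit leading digits:", leading_digit_counts(10))
```

A tenth digit adds almost no entropy because the truncated value never exceeds 2147483647, and even at 9 digits the leading digit is visibly skewed toward 0 and 1.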

vzhilov commented 5 years ago

Makes sense, thank you.