ThomasHabets
commented
2 years ago 1h or more? Why? Maybe try HOTP?
Sure, I would accept well-written PRs to implement this. But do you even have an OTP generator that supports this?
Open QTNiCheng opened 2 years ago
ThomasHabets
commented
2 years ago 1h or more? Why? Maybe try HOTP?
Sure, I would accept well-written PRs to implement this. But do you even have an OTP generator that supports this?
QTNiCheng
commented
2 years ago Thank you for your reply. I have encountered some scenes, which is not particularly high for security requirements. I can allow 1 hour to refresh a verification code, or for a longer time. I think there will be some people who have encountered similar situations. I found a OTP for PYTHON. It seems that you can modify the trigger time, but I have not tested it. https://github.com/grahammitchell/google-authenticator
LoganDark
commented
2 years ago do you even have an OTP generator that supports this?
KeePassXC supports configuring TOTP parameters, including changing the algorithm (SHA-1, SHA-256 or SHA-512), time step, and code size (how many digits).
akerl
commented
2 years ago It’s worth noting that if you extend the time, you also reduce how frequently you can auth (assuming you disallow reuse, which you should do). If the time step is 1h, you can only log in once an hour.
LoganDark
commented
2 years ago Couldn't be me, I can't get sshd/PAM configured to use google-authenticator properly anyway. :P
Now the verification code is 30 seconds by default. I have queried a lot of data and have not found a way to modify the refresh time.