tiuub / KeeOtp2

KeeOtp2 is a plugin for KeePass. It provides a form to display one time passwords and is fully compatible with the built-in OTP function.
MIT License

broken entries created with 1.5.6 if hashed? #28

Closed pixelplumber closed 3 years ago

pixelplumber commented 3 years ago

Edit: versions 2.48.1 keepass, 1.5.6 keeotp2

Hi, just changed the plugin over from keeotp to keeotp2 and I'm having issues after migrating entries or creating new entries.

I notice that if I manually create a "TimeOtp-Secret-Base32" field and paste in a plain-text TOTP key (example: JBSWY3DPEHPK3PXP) then the displayed TOTP value is correct.

If I create and save the TOTP using the right click keeotp2 > configure TOTP context menu and paste the key in and save the entry, it looks like the saved TOTP key in the TimeOtp-Secret-Base32 field is getting broken, as the displayed TOTP is wrong and the value is saved as: JBSWY3DPEHPK3357XXX37PI=

Is this a hashing issue? Fiddling around with custom settings and the other encodings and hashes doesn't seem to help once it's broken.

This bit me with migration as the migrated values were not working and the old otp key/value was removed. Had the entry history to fall back on though and get the original key back.

pixelplumber commented 3 years ago

I see a similar issue if I paste in an otpauth:// URI and click the "load URI" link above the input field. It seems to flash up the correct OTP value in the preview until you click load URI, and then it changes over to the incorrect one based on the changed key hash/value?

eg:

  1. Using example key HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ from yubikit site and saving as plain text "TimeOtp-Secret-Base32" works for showing the TOTPs.

  2. Deleting that manual entry, and using keeotp2 itself to create the TOTP saves "TimeOtp-Secret-Base32" as HXX37POKUTX37PKKNUUO7P55M7X37PJTDYQO7P55GFTMXBPPX66Q==== which then gives different OTP values.

  3. Also copying and pasting in otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA1&digits=6&period=30 from the same site into the "key or uri" field will show the correct value in the preview until you click "load URI" and then it must be converted and stored as the wrong value and changes the preview to the incorrect TOTP instead.

Have tried changing time sync settings and as mentioned if I just manually create the plain text value in the built in fieldname everything works OK.

Another thing I noticed when fiddling with time settings (tools>keeotp2>settings>Global time) to see if that was part of the problem is that if you change things here (eg: I changed to manual offset of -10sec) and exit and "show totp" on an entry, then the "time remaining" countdown doesn't take into account the -10sec offset although it looks like the TOTP value changes with the -10sec offset. The countdown continues on the un-adjusted time. So you get the value changing when countdown is at 20sec with -10sec offset.

This is all on Windows 10 20H2.

Hope that helps, let me know if there's any other info you need.
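The steps above (plain base32 secret, otpauth:// URI, manual time offset) can be checked outside the plugin. The following is an added example written for this thread, not KeeOtp2's code: it parses an otpauth://totp URI, decodes the base32 secret the same way a TimeOtp-Secret-Base32 field is expected to hold it, computes the RFC 6238 code, derives the countdown from the same offset-adjusted clock as the code, and compares a pasted secret against whatever the entry ended up storing. Sample values are the ones quoted in the thread plus the RFC 6238 test key; the function names are the example's own.

```python
"""Added example, not part of KeeOtp2: reproduce the TOTP steps from the thread
and verify that a stored base32 secret still decodes to the pasted key."""
import base64
import hashlib
import hmac
import struct
from urllib.parse import parse_qs, unquote, urlparse

# Values quoted in the issue, used here as constructed sample input.
EXAMPLE_SECRET = "JBSWY3DPEHPK3PXP"          # decodes to b"Hello!\xde\xad\xbe\xef"
EXAMPLE_URI = ("otpauth://totp/ACME%20Co:john@example.com"
               "?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co"
               "&algorithm=SHA1&digits=6&period=30")
# RFC 6238 Appendix B test key ("12345678901234567890") in base32.
RFC6238_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

DIGESTS = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def parse_otpauth(uri: str) -> dict:
    """Split an otpauth://totp/<label>?... URI into its parameters."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    params = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {
        "label": unquote(parts.path.lstrip("/")),
        "issuer": params.get("issuer"),
        "secret": params["secret"],
        "algorithm": params.get("algorithm", "SHA1").upper(),
        "digits": int(params.get("digits", 6)),
        "period": int(params.get("period", 30)),
    }


def decode_base32_secret(secret: str) -> bytes:
    """Decode a base32 secret as a TimeOtp-Secret-Base32 field is expected to hold it.

    Whitespace is dropped, case is folded and '=' padding is recomputed, because
    many sites hand out unpadded keys. The text itself is never treated as raw
    bytes: re-encoding the ASCII of a base32 string yields a different key."""
    cleaned = "".join(secret.split()).upper().rstrip("=")
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def totp(secret_b32: str, unix_time: int, period: int = 30, digits: int = 6,
         algorithm: str = "SHA1", offset_seconds: int = 0) -> str:
    """RFC 6238 TOTP for the given secret at unix_time + offset_seconds."""
    key = decode_base32_secret(secret_b32)
    counter = (unix_time + offset_seconds) // period
    mac = hmac.new(key, struct.pack(">Q", counter), DIGESTS[algorithm]).digest()
    pos = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = (struct.unpack(">I", mac[pos:pos + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return str(code).zfill(digits)


def seconds_remaining(unix_time: int, period: int = 30, offset_seconds: int = 0) -> int:
    """Countdown computed from the same adjusted clock the code uses.

    If the countdown ignored offset_seconds while the code used it, a -10 s
    offset would make the code roll over while the countdown still shows 20."""
    return period - ((unix_time + offset_seconds) % period)


def stored_secret_matches(pasted: str, stored: str) -> bool:
    """True if the value an entry stored decodes to the same key bytes as the pasted one.

    A stored value that is longer, carries extra '====' padding, or produces
    different codes has been re-encoded; the original key should be restored
    from the entry history rather than reused."""
    try:
        return decode_base32_secret(pasted) == decode_base32_secret(stored)
    except (ValueError, base64.binascii.Error):
        return False


if __name__ == "__main__":
    cfg = parse_otpauth(EXAMPLE_URI)
    now = 1_000_000_000
    print(cfg["label"], totp(cfg["secret"], now, cfg["period"], cfg["digits"], cfg["algorithm"]),
          seconds_remaining(now, cfg["period"]), "s left")
    print("stored value intact:", stored_secret_matches(EXAMPLE_SECRET, "jbswy3dpehpk3pxp"))
    print("stored value broken:", stored_secret_matches(EXAMPLE_SECRET, "JBSWY3DPEHPK3357XXX37PI="))
```

The check to run against an entry is `stored_secret_matches(<key you pasted>, <value now in TimeOtp-Secret-Base32>)`; any plugin or migration path that stores the secret should leave that true, and the countdown and code should both be driven by the offset-adjusted time so they roll over together.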

tiuub commented 3 years ago

Hi @pixelplumber,

thank you for your submission. Your issue was beautifully described. Thank you for your time. I have updated the plugin.

Kind regards

pixelplumber commented 3 years ago

Thank you for the lightning quick fixes! It all looks good now.

Cheers.

chet-pikabu commented 3 years ago

There is still an error, unfortunately. [image] KeePass 2.48.1, wine (Win 10 mode), .NET 4.8

tiuub commented 3 years ago

Hi @chet-pikabu,

I tried it with your qr code at version 1.5.6.1. In my case it worked quite well.

Do you have further information?

Kind regards tiuub

chet-pikabu commented 2 years ago

Hello there! Yup, still broken. Checked right now on 1.5.7.0. [image]