[9.200][ANSWERED] OTP Definitions

Trying to draft a clear set of definitions for the components used in OTP. Is this right/close?

OTP Token:

A UTM user object which is a collection of all the components required for using OTP’s for authentication (UTM User, OTP Secret, OTP passcodes (additional codes or Authenticator Tool generated)

OTP Secret:

Unique 64bit HEX key used in the algorithm to produce the passcode(s) for each user.

OTP Passcode:

Time-limited 6 digit code appended to users password for authentication on OTP-enabled UTM services

0 d12fk over 11 years ago

Just two remarks:

OTP Token: "UTM user object" should be "UTM object"
OTP Secret: must be at least 128 bit, but are 160 bit by default these days

Besides that everything's correct.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel