TOTP RFC 6238
E937611
TOTP RFC 6238 is the Internet standard that defines time-based one-time password generation for two-factor authentication systems.
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf |
Internet standard
ⓘ
RFC ⓘ time-based one-time password algorithm specification ⓘ |
| allows |
SHA-1
ⓘ
SHA-256 NERFINISHED ⓘ SHA-512 ⓘ |
| area | Security ⓘ |
| basedOn | HMAC-Based One-Time Password (HOTP) algorithm NERFINISHED ⓘ |
| category | Informational ⓘ |
| defines |
Time-Based One-Time Password (TOTP) algorithm
NERFINISHED
ⓘ
client and server time synchronization requirements ⓘ interoperability requirements for TOTP ⓘ key provisioning requirements ⓘ resynchronization procedures ⓘ security considerations for TOTP ⓘ test vectors for TOTP implementations ⓘ |
| extends | HOTP RFC 4226 NERFINISHED ⓘ |
| language | English ⓘ |
| obsoletes | none ⓘ |
| organization | IETF Token Authentication community NERFINISHED ⓘ |
| primaryUse |
multi-factor authentication
ⓘ
two-factor authentication ⓘ |
| publishedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
Internet Engineering Task Force ⓘ |
| recommends |
30-second time step
ⓘ
6-digit OTP values ⓘ |
| relatedTo |
HOTP RFC 4226
NERFINISHED
ⓘ
OATH Initiative NERFINISHED ⓘ |
| RFCNumber | 6238 ⓘ |
| specifies |
T0 initial counter time
ⓘ
output digit length for OTP ⓘ time step X for moving factor ⓘ use of Unix time in seconds ⓘ validation window for OTP verification ⓘ |
| standardizes | time-based one-time password generation ⓘ |
| status | Best Current Practice for TOTP-like systems in practice ⓘ |
| stream |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| title | TOTP: Time-Based One-Time Password Algorithm NERFINISHED ⓘ |
| topic |
authentication protocols
ⓘ
cryptography ⓘ |
| updates | none ⓘ |
| usedBy |
authentication servers
ⓘ
hardware tokens ⓘ mobile authenticator applications ⓘ web services implementing two-factor authentication ⓘ |
| uses |
HMAC
NERFINISHED
ⓘ
current time as moving factor ⓘ shared secret key ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.
subject surface form:
Microsoft Authenticator