Documentation Regarding Delay Window for Verification of ToTP

Question

Documentation Regarding Delay Window for Verification of ToTP

manurajsingh opened this issue a year ago · 4 comments

Hello
I would like to use your library for verifying ToTP. I see that the verification method allows delayWindow parameter.
Can you please add some documentation regarding what are the units for the delayWindow? Is it in milliseconds, seconds, minutes or something else?

Thanks.

BastiaanJansen commented a year ago

Correct!

Answer 1 · 2023-10-20T07:13:30.000Z

Hi @manurajsingh,

The delayWindow parameter allows you to allow older or newer totp codes. So if your totp period is 30 seconds and you verify with a delayWindow of 1 you also allow totp codes generated in one 30 second period before or after.

Answer 2 · 2023-10-20T07:49:53.000Z

Hello @BastiaanJansen

Thanks for a quick answer. So, following is what I understand:
With a delay window of 1, I will have
PAST<--->CURRENT<--->FUTURE
30s<---->30s<---->30s
which means overall period of 1min 30s to verify

and if delay window is 2, I will have
60s<--->30s<---->60s
which means overall period of 2min 30s to verify

Am I correct?

Thanks

Answer 3 · 2023-10-20T08:06:36.000Z

Great Thanks.