speakeasyjs/speakeasy

Google Token does not match when increasing step!

lyquocnam opened this issue · 4 comments

I try to generate a token:

```javascript
speakeasy.totp({
    secret: secret32,
    encoding: 'base32',
    step: 60 * tokenTimeoutInMinutes // time left will be destroyed
});
```

Verify token:

```javascript
speakeasy.totp.verify({
    secret: secret32,
    encoding: 'base32',
    token: token,
    step: 60 * tokenTimeoutInMinutes,
    // window: 2
});
```

If I enable the step option, it will not work with the Google Auth token. It worked when I removed the step option.

What am I missing?

Google Authenticator only supports a time step of 30 seconds.

@markbao so how can I send a token to email? I mean, can we have both methods: using Google Auth and receiving the auth token by email?

I see. Can you tell me more about what your setup is - you are generating a token and sending it to a user via email? And you are allowing a user to input both the code from GA as well as from the email?

I think the option you're looking for would be window, not step. However, in this case there would be a two-sided window, so if you specify window to be 5 minutes, it would accept values from 5 minutes before and 5 minutes after. That might not be ideal, since presumably you would only want to accept tokens from the time that the token was generated and the current time. If you tell me more about your implementation I can let you know if that would make sense or not.

@markbao thank you for your tutorial, this was resolved by using window: 5, not step.
Thanks for the great project!
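
The step mismatch and the two-sided window discussed in this thread, as an added example that is not part of the original issue and not speakeasy's code: a minimal RFC 6238 TOTP on Node's built-in `crypto`, with a verifier that can accept past steps only. The `back`/`ahead` options and helper names are hypothetical, and the key is the RFC 6238 test key, used here as constructed sample input.

```javascript
const crypto = require('crypto');

// HOTP (RFC 4226): HMAC-SHA1 over an 8-byte big-endian counter, then dynamic truncation.
function hotp(key, counter, digits = 6) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac('sha1', key).update(msg).digest();
  const off = mac[mac.length - 1] & 0x0f;
  const bin = mac.readUInt32BE(off) & 0x7fffffff;
  return String(bin % 10 ** digits).padStart(digits, '0');
}

// TOTP (RFC 6238): the counter is the number of `step`-second periods since the epoch,
// so generator and verifier must agree on `step` or they hash different counters.
const counterAt = (timeSec, step) => Math.floor(timeSec / step);
const totp = (key, timeSec, step = 30) => hotp(key, counterAt(timeSec, step));

// Constant-time comparison; unequal lengths are rejected before timingSafeEqual.
function safeEqual(a, b) {
  const x = Buffer.from(a), y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// Accept tokens from `back` earlier steps and `ahead` later steps (hypothetical options).
// Returns the matching step offset, or null when nothing in the range matches.
function verify(key, token, timeSec, { step = 30, back = 0, ahead = 0 } = {}) {
  const now = counterAt(timeSec, step);
  for (let c = Math.max(0, now - back); c <= now + ahead; c++) {
    if (safeEqual(hotp(key, c), token)) return c - now;
  }
  return null;
}

// Constructed sample input: RFC 6238 test key and one of its test timestamps.
const KEY = Buffer.from('12345678901234567890');
const T0 = 1111111109;

function demo() {
  const appToken = totp(KEY, T0, 30); // what a 30-second authenticator app would show
  const later = totp(KEY, T0 + 90, 30); // a token from three steps in the future
  return {
    appToken,
    step300: verify(KEY, appToken, T0, { step: 300 }),            // counters differ
    late90s: verify(KEY, appToken, T0 + 90, { back: 5 }),         // three steps old
    future: verify(KEY, later, T0, { back: 5 }),                  // past-only rejects it
    futureTwoSided: verify(KEY, later, T0, { back: 5, ahead: 5 }) // two-sided accepts it
  };
}
console.log(demo());
```

A larger `back` value lengthens the time an intercepted token stays valid, so keep it as small as the delivery channel allows.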