Skip to content
/ JavaOTP Public
forked from damico/JavaOTP

A basic and an Open Source implementation of TOTP algorithm RFC6238 written in Java language

compplied.com.br
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shubham390/JavaOTP

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
.settings
.settings
 
 
JavaOTP
JavaOTP
 
 
src
src
 
 
.classpath
.classpath
 
 
.gitignore
.gitignore
 
 
.project
.project
 
 
README
README
 
 
pom.xml
pom.xml
 
 

Repository files navigation

JavaOTP is a basic and an Open Source implementation of TOTP algorithm RFC6238

**TOTP Explantion and need of implementation** 
Explain-
{If your website features a username+password authentication system, you owe it 
to your users to offer 2-factor authentication (or 2fa for short) as an additional
measure of protection for their accounts. If you're unfamiliar with 2fa, it's that
step in the login sequence that asks the user for a (typically) 6-digit numeric code
in order to complete user authentication. The 6 digit codes are either sent to the user's
phone as a text message upon a login attempt or generated by an app such as Google Authenticator.
Codes have a short validity period of typically 30 or 60 seconds. This will show you how
to implement such a system using java in a way that is compatible with Google Authenticator.}
 

Implementation-
{Your first idea for implementing the server side component of a 2fa system might be to randomly
generate 6 digit codes with short validity periods and send them to the user's phone in response 
to a login attempt. One major shortcoming with this approach is that your implementation wouldn't
be compatible with 2fa apps such as Google Authenticator which many users will prefer to use. 
In order to build a 2fa system that is compatible with Google Authenticator, we need to know what
algorithm it uses to generate codes. Fortunately, there is an RCF which precisely specifies the algorithm. 
RFC 6238 describes the "time-based one-time password" algorithm, or TOTP for short. The TOTP algorithm combines
a one time password (or secret key) and the current time to generate codes that change as time marches forward.
RFC 6238 also includes a reference implementation in java under the commercial-friendly Simplified BSD license.
This tutorial will show you how to use code from the RFC to build a working 2fa system that could easily be adapted 
into your java project.}

In order to use this project you will need Eclipse and JUnit

Dependencies

Java SE 1.6 or greater

License

Eclipse Public License 1.0 (EPL 1.0)

Authors

Jose Damico

Contact

Jose Ricardo de Oliveira Damico (jd.comment@gmail.com)

About

A basic and an Open Source implementation of TOTP algorithm RFC6238 written in Java language

compplied.com.br

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 71.0%
  • HTML 29.0%