HOTP token changes too fast

Hi
I managed to integrate privacyidea with AD and enroll HOTP tokens in google
authenticator flawlessly

However the token generates new code every 10 SECONDS!
This is too fast for the end users to read and type.

How can I configure the new token to change the code every* 1 minute*?

Thanks

Hi Cornelius
Eventually I switched TOTP token
thanks !On Tuesday, May 10, 2016 at 1:05:48 PM UTC+3, Cornelius Kölbel wrote:

You are giving way to few information here and I think you are mixing
some things up here.

An HOTP token will not change at all.
The Google Authenticator does not change a TOTP in 10sec. I am not sure
if it can. You should ask a Google Authenticator Mailing list - we are
not responsible for this.

You can however post a QR Code here, so that we get an idea, what in
fact you are enrolling.

Am Dienstag, den 10.05.2016, 01:58 -0700 schrieb Itaios:

So what it is the event that trigger the token changes?

in other word - do i have any config file that can handle this ? or
this is the default and cannot be changed?

On Tuesday, May 10, 2016 at 11:52:56 AM UTC+3, Cornelius Kölbel wrote:
HOTP is event based, not time based.

    Read RFC4226 and RFC6238, think about it and ask the right 
    question. ;-) 
    
    Am Dienstag, den 10.05.2016, 01:48 -0700 schrieb Itaios: 
    > Hi 
    > I managed to integrate privacyidea with AD and enroll HOTP 
    tokens in 
    > google authenticator flawlessly 
    > 
    > 
    > However the token generates new code every 10 SECONDS! 
    > This is too fast for the end users to read and type. 
    > 
    > 
    > How can I configure the new token to change the code every 1 
    minute? 
    > 
    > 
    > Thanks 
    > 
    > 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two 
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL 
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and 
    LIABILITY: 
    > 
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > Visit this group at 
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/e8b51914-71d7-455f-a3c3-89f4101f240c%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/84812a35-2a7b-4d53-9d02-a9beac668d86%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

So what it is the event that trigger the token changes?

in other word - do i have any config file that can handle this ? or this is
the default and cannot be changed?On Tuesday, May 10, 2016 at 11:52:56 AM UTC+3, Cornelius Kölbel wrote:

HOTP is event based, not time based.

Read RFC4226 and RFC6238, think about it and ask the right question. :wink:

Am Dienstag, den 10.05.2016, 01:48 -0700 schrieb Itaios:

Hi
I managed to integrate privacyidea with AD and enroll HOTP tokens in
google authenticator flawlessly

However the token generates new code every 10 SECONDS!
This is too fast for the end users to read and type.

How can I configure the new token to change the code every 1 minute?

Thanks


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/e8b51914-71d7-455f-a3c3-89f4101f240c%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

You are giving way to few information here and I think you are mixing
some things up here.

An HOTP token will not change at all.
The Google Authenticator does not change a TOTP in 10sec. I am not sure
if it can. You should ask a Google Authenticator Mailing list - we are
not responsible for this.

You can however post a QR Code here, so that we get an idea, what in
fact you are enrolling.Am Dienstag, den 10.05.2016, 01:58 -0700 schrieb Itaios:

So what it is the event that trigger the token changes?

in other word - do i have any config file that can handle this ? or
this is the default and cannot be changed?

On Tuesday, May 10, 2016 at 11:52:56 AM UTC+3, Cornelius Kölbel wrote:
HOTP is event based, not time based.

    Read RFC4226 and RFC6238, think about it and ask the right
    question. ;-) 
    
    Am Dienstag, den 10.05.2016, 01:48 -0700 schrieb Itaios: 
    > Hi 
    > I managed to integrate privacyidea with AD and enroll HOTP
    tokens in 
    > google authenticator flawlessly 
    > 
    > 
    > However the token generates new code every 10 SECONDS! 
    > This is too fast for the end users to read and type. 
    > 
    > 
    > How can I configure the new token to change the code every 1
    minute? 
    > 
    > 
    > Thanks 
    > 
    > 
    > -- 
    > Please read the blog post about getting help 
    > https://www.privacyidea.org/getting-help/. 
    >   
    > For professional services and consultancy regarding two
    factor 
    > authentication please visit 
    > https://netknights.it/en/leistungen/one-time-services/ 
    >   
    > In an enterprise environment you should get a SERVICE LEVEL
    AGREEMENT 
    > which suites your needs for SECURITY, AVAILABILITY and
    LIABILITY: 
    >
    https://netknights.it/en/leistungen/service-level-agreements/ 
    > --- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > Visit this group at
    https://groups.google.com/group/privacyidea. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/e8b51914-71d7-455f-a3c3-89f4101f240c%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/84812a35-2a7b-4d53-9d02-a9beac668d86%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)

HOTP is event based, not time based.

Read RFC4226 and RFC6238, think about it and ask the right question. ;-)Am Dienstag, den 10.05.2016, 01:48 -0700 schrieb Itaios:

Hi
I managed to integrate privacyidea with AD and enroll HOTP tokens in
google authenticator flawlessly

However the token generates new code every 10 SECONDS!
This is too fast for the end users to read and type.

How can I configure the new token to change the code every 1 minute?

Thanks


Please read the blog post about getting help
Getting help – privacyID3A.

For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/e8b51914-71d7-455f-a3c3-89f4101f240c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)