Comment 1 for bug 911951

Stuart Metcalfe (stuartmetcalfe) wrote :

"(possibly keep them around with the date they were used)"

Remember that OATH/HOTP is a counter/event-based OTP, so when a token is used, it automatically invalidates previous sequential tokens (generated with a lower counter value) and, on the other side, going too far ahead (exceeding the counter drift setting) will fail validation. The list of generated tokens should be enumerated, and the tokens are designed to be entered in sequence. We probably shouldn't display the gen'd tokens after the first time - it should be up to the admin to mail/print/read them for the user at the time of generation.
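
The counter behaviour described in the comment above, as an added example that is not part of the original comment or the project's code: a minimal RFC 4226 HOTP validator with a look-ahead window. The `HotpValidator` class, the `look_ahead` name and the window size of 3 are assumptions for illustration; the secret is the RFC 4226 test-vector secret, used as sample input.

```python
import hashlib
import hmac
import struct

# RFC 4226 Appendix D test secret, used here only as sample input.
SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Compute the RFC 4226 HOTP value for one counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class HotpValidator:
    """Hypothetical server-side state: next counter plus a drift window."""

    def __init__(self, secret: bytes, look_ahead: int = 3):
        self.secret = secret
        self.counter = 0              # lowest counter value still acceptable
        self.look_ahead = look_ahead  # assumed name for the drift setting

    def verify(self, token: str) -> bool:
        for c in range(self.counter, self.counter + self.look_ahead + 1):
            if hmac.compare_digest(hotp(self.secret, c), token):
                self.counter = c + 1  # tokens at or below c are now invalid
                return True
        return False


def demo() -> list:
    tokens = [hotp(SECRET, c) for c in range(10)]  # pre-generated token list
    v = HotpValidator(SECRET, look_ahead=3)
    return [
        v.verify(tokens[2]),  # skips 0 and 1 but is inside the window
        v.verify(tokens[0]),  # lower counter than the one just used
        v.verify(tokens[2]),  # replay of the token just used
        v.verify(tokens[9]),  # counter 9 is beyond the window (3..6)
        v.verify(tokens[3]),  # next token in sequence
    ]


if __name__ == "__main__":
    print(demo())
```
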