-
Notifications
You must be signed in to change notification settings - Fork 286
/
FILEFORMAT
68 lines (52 loc) · 2.91 KB
/
FILEFORMAT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
All configuration data and state is kept in ~/.google_authenticator
The file is all ASCII, but is kept in a very simple-to-parse and rigid
file format.
The file size is currently limited to 1kB. This should be generous even
when using a very large list of scratch codes.
The first line is the base32 encoded secret. It uses characters in the range
A..Z2..7. The secret is used after first trying any one-time scratch codes.
HOTP mode is used only if HOTP_COUNTER is present.
TOTP mode is used only if TOTP_AUTH is present *and* HOTP_COUNTER is
not present.
The following lines are optional. They all start with a double quote character,
followed by a space character. Followed by an option name. Option names are
all upper-case and must include an underscore. This ensures that they cannot
accidentally appear anywhere else in the file.
Options can be followed by option-specific parameters.
Currently, the following options are recognized:
DISALLOW_REUSE
if present, this signals that a time-based token can be used
at most once. Any attempt to log in using the same token will be denied.
This means that users can typically not log in faster than once every
~30 seconds.
The option is followed by a space-separated list of time stamps that
have previously been used for login attempts.
This option has no effect when HOTP_COUNTER is present.
RATE_LIMIT n m ...
this optional parameter restricts the number of logins to at most "n"
within each "m" second interval. Additional parameters in this line are
undocumented; they are used internally to keep track of state.
TOTP_AUTH
the presence of this option indicates that the secret can be used to
authenticate users with a time-based token.
STEP_SIZE n
the number of seconds in each time step during which a TOTP code is valid.
The default is that a code is valid for 30 seconds.
HOTP_COUNTER n
the presence of this option indicates that the secret can be used to
authenticate users with a counter-based token. The argument "n"
represents which counter value the token will accept next. It should
be initialized to 1.
WINDOW_SIZE n
the default window size is 3, allowing up to one extra valid token
before and after the currently active one. This might be too restrictive
if the client and the server experience significant time skew.
You can provide a parameter to increase the login window size from 3 to "n"
In counter-based mode, this option is the number of valid tokens after
the currently active one. The default is almost certainly too restrictive
for most users as invalid login attempts and generated-but-not-used
tokens both contribute to synchronization problems.
Any all-numeric sequence of eight-digit numbers are randomly generated
one-time scratch code tokens. The user can enter any arbitrary
one-time code to log into his account. The code will then be removed
from the file.