diff options
author | Stephen Shkardoon <stephen@zxsecurity.co.nz> | 2019-10-07 00:14:22 +0200 |
---|---|---|
committer | Stephen Shkardoon <stephen@zxsecurity.co.nz> | 2019-10-07 00:14:22 +0200 |
commit | 0e264dded0086700ced6081abdb41d5892cf00e4 (patch) | |
tree | c2ddf37ec9b23dccfec1fb6f1407186707163121 /README.md | |
parent | Minor tweaks and formatting to decode-qr-uri (diff) | |
download | entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.tar entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.tar.gz entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.tar.bz2 entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.tar.lz entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.tar.xz entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.tar.zst entrust-identityguard-tools-0e264dded0086700ced6081abdb41d5892cf00e4.zip |
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -13,8 +13,16 @@ $ ./decode-qr-uri.py 'igmobileotp://?action=secactivate&enc=VRUq6IoLWQRCMRITZEHt # generate-otp.py Once you have the required information from a QR code, you can combine it with a "registration code" to derive the OTP secret. This registration code contains random bytes that were generated on the end-users device (their mobile phone), and are thus required to determine the OTP secret. An example way to obtain all of this information would be through email, if the user recieves a QR code in their email, then responds with their registration code. +The OTP secret optionally includes the policy specification, which is provided as part of the QR code. *If you are having problems generating a valid OTP secret, try with or without the policy parameter*. + Example: ``` +$ ./generate-otp.py 48244-13456 1745-7712-6942-8698 12211-49352 --policy '{"allowUnsecured":"false","trustedExecution":"NOT_ALLOWED"}' +bb9b6d72ae99b006de5e106935ec96da + +To generate a code immediately, run: +oathtool -v --totp=sha256 --digits=6 bb9b6d72ae99b006de5e106935ec96da + $ ./generate-otp.py 48244-13456 1745-7712-6942-8698 12211-49352 9a8eab5ecc9fc413758a92ac223dc6a0 |