Are you sure you want to delete this task? Once this task is deleted, it cannot be recovered.
6543 43bb85908d | 4 years ago | |
---|---|---|
.. | ||
hotp | 4 years ago | |
totp | 4 years ago | |
.travis.yml | 4 years ago | |
LICENSE | 7 years ago | |
NOTICE | 7 years ago | |
README.md | 5 years ago | |
doc.go | 7 years ago | |
go.mod | 4 years ago | |
go.sum | 4 years ago | |
otp.go | 4 years ago |
One Time Passwords (OTPs) are an mechanism to improve security over passwords alone. When a Time-based OTP (TOTP) is stored on a user's phone, and combined with something the user knows (Password), you have an easy on-ramp to Multi-factor authentication without adding a dependency on a SMS provider. This Password and TOTP combination is used by many popular websites including Google, Github, Facebook, Salesforce and many others.
The otp
library enables you to easily add TOTPs to your own application, increasing your user's security against mass-password breaches and malware.
Because TOTP is standardized and widely deployed, there are many mobile clients and software implementations.
otp
Supports:For an example of a working enrollment work flow, Github has documented theirs, but the basics are:
key,_ := totp.Generate(...)
.key.Secret()
and key.Image(...)
.totp.Validate(...)
.key.Secret()
GenerateCode
function and a counter ortime.Time
struct to generate a valid code compatible with most implementations.GenerateCodeCustom
totp.Validate(...)
When a user loses access to their TOTP device, they would no longer have access to their account. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged, this is a common problem. For this reason many providers give their users "backup codes" or "recovery codes". These are a set of one time use codes that can be used instead of the TOTP. These can simply be randomly generated strings that you store in your backend. Github's documentation provides an overview of the user experience.
Please open issues in Github for ideas, bugs, and general thoughts. Pull requests are of course preferred :)
otp
is licensed under the Apache License, Version 2.0
本项目是群体化方法与技术的开源实现案例,在基于Gitea的基础上,进一步支持社交化的协同开发、协同学习、协同研究等群体创新实践服务,特别是针对新一代人工智能技术特点,重点支持项目管理、git代码管理、大数据集存储管理与智能计算平台接入。 https://www.trustie.net/
Go Roff Shell Less JavaScript other
Dear OpenI User
Thank you for your continuous support to the Openl Qizhi Community AI Collaboration Platform. In order to protect your usage rights and ensure network security, we updated the Openl Qizhi Community AI Collaboration Platform Usage Agreement in January 2024. The updated agreement specifies that users are prohibited from using intranet penetration tools. After you click "Agree and continue", you can continue to use our services. Thank you for your cooperation and understanding.
For more agreement content, please refer to the《Openl Qizhi Community AI Collaboration Platform Usage Agreement》