Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

HOTP: An HMAC-Based One-Time Password Algorithm
RFC 4226

Revision differences

From revision

To revision

Diff format

Document history

Date	By	Action
2023-01-25	Jenny Bui	Changed author "David M'Raihi": changed order from "-1" to "1"
2023-01-25	Jenny Bui	Changed author "Ohad Ranen": changed order from "3" to "5"
2023-01-25	Jenny Bui	Changed author "Mihir Bellare": changed order from "2" to "4"
2023-01-25	Jenny Bui	Changed author "David Naccache": changed order from "1" to "3"
2023-01-25	Jenny Bui	Changed author "Frank Hoornaert": changed order from "0" to "2"
2023-01-25	Jenny Bui	Changed author "David M'Raihi": changed email from "davidietf@gmail.com" to "dmraihi@verisign.com", set affiliation to "VeriSign", set country to "Mountain View, CA 94043 … Changed author "David M'Raihi": changed email from "davidietf@gmail.com" to "dmraihi@verisign.com", set affiliation to "VeriSign", set country to "Mountain View, CA 94043 USA", changed order from "-1" to "1"
2020-01-21	(System)	Received changes through RFC Editor sync (added Verified Errata tag)
2018-12-20	(System)	Received changes through RFC Editor sync (changed abstract to 'This document describes an algorithm to generate one-time password values, based on Hashed Message Authentication Code … Received changes through RFC Editor sync (changed abstract to 'This document describes an algorithm to generate one-time password values, based on Hashed Message Authentication Code (HMAC). A security analysis of the algorithm is presented, and important parameters related to the secure deployment of the algorithm are discussed. The proposed algorithm can be used across a wide range of network applications ranging from remote Virtual Private Network (VPN) access, Wi-Fi network logon to transaction-oriented Web applications. This work is a joint effort by the OATH (Open AuTHentication) membership to specify an algorithm that can be freely distributed to the technical community. The authors believe that a common and shared algorithm will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open-source implementations. This memo provides information for the Internet community.')
2017-05-16	(System)	Changed document authors from "Frank Hoornaert, David Naccache, Mihir Bellare, Ohad Ranen" to "Frank Hoornaert, David Naccache, Mihir Bellare, Ohad Ranen, Mountain View, David M'Raihi"
2009-02-25	(System)	Posted related IPR disclosure: VeriSign's Statement about IPR related to draft-mraihi-mutual-oath-hotp-variants, draft-mraihi-totp-timebased, draft-ietf-keyprov-dskpp, draft-ietf-keyprov-pskc, and RFC 4226
2009-02-18	(System)	Posted related IPR disclosure: VeriSign's Statement about IPR related to draft-ietf-keyprov-pskc, draft-ietf-keyprov-dskpp, draft-mraihi-totp-timebased, draft-mraihi-mutual-oath-hotp-variants, and RFC 4226
2005-12-27	Amy Vezza	State Changes to RFC Published from RFC Ed Queue by Amy Vezza
2005-12-27	Amy Vezza	[Note]: 'RFC 4226' added by Amy Vezza
2005-12-23	(System)	RFC published