Skip to main content

TOTP: Time-Based One-Time Password Algorithm
RFC 6238

Revision differences

Document history

Date By Action
2020-01-21
(System) Received changes through RFC Editor sync (added Verified Errata tag)
2018-12-20
(System)
Received changes through RFC Editor sync (changed abstract to 'This document describes an extension of the One-Time Password (OTP) algorithm, namely the HMAC-based One-Time Password …
Received changes through RFC Editor sync (changed abstract to 'This document describes an extension of the One-Time Password (OTP) algorithm, namely the HMAC-based One-Time Password (HOTP) algorithm, as defined in RFC 4226, to support the time-based moving factor. The HOTP algorithm specifies an event-based OTP algorithm, where the moving factor is an event counter. The present work bases the moving factor on a time value. A time-based variant of the OTP algorithm provides short-lived OTP values, which are desirable for enhanced security.

The proposed algorithm can be used across a wide range of network applications, from remote Virtual Private Network (VPN) access and Wi-Fi network logon to transaction-oriented Web applications. The authors believe that a common and shared algorithm will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open-source implementations. This document is not an Internet Standards Track specification; it is published for informational purposes.')
2017-05-16
(System) Changed document authors from "Johan Rydell, Mingliang Pei, Salah Machani" to "Johan Rydell, Mingliang Pei, Salah Machani, Mountain View"
2015-10-14
(System) Notify list changed from smachani@diversinet.com, mpei@verisign.com, johan.rydell@portwise.com, draft-mraihi-totp-timebased@ietf.org, Hannes.Tschofenig@gmx.net to Hannes.Tschofenig@gmx.net
2011-05-17
Amy Vezza State changed to RFC Published from RFC Ed Queue.
2011-05-13
(System) RFC published