%% You should probably cite rfc4226 instead of this I-D.
@techreport{mraihi-oath-hmac-otp-04,
    number =    {draft-mraihi-oath-hmac-otp-04},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-mraihi-oath-hmac-otp/04/},
    author =    {David M'Raihi and David M'Raihi and Frank Hoornaert and David Naccache and Mihir Bellare and Ohad Ranen},
    title =     {{HOTP: An HMAC-Based One-Time Password Algorithm}},
    pagetotal = 37,
    year =      2005,
    month =     may,
    day =       19,
    abstract =  {This document describes an algorithm to generate one-time password values, based on Hashed Message Authentication Code (HMAC). A security analysis of the algorithm is presented, and important parameters related to the secure deployment of the algorithm are discussed. The proposed algorithm can be used across a wide range of network applications ranging from remote Virtual Private Network (VPN) access, Wi-Fi network logon to transaction-oriented Web applications. This work is a joint effort by the OATH (Open AuTHentication) membership to specify an algorithm that can be freely distributed to the technical community. The authors believe that a common and shared algorithm will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open-source implementations. This memo provides information for the Internet community.},
}