| Yubico Forum https://forum.yubico.com/ |
|
| OATH-HOTP wrong key length https://forum.yubico.com/viewtopic.php?f=16&t=644 |
Page 1 of 1 |
| Author: | captaincarrot [ Mon Feb 28, 2011 4:59 am ] |
| Post subject: | OATH-HOTP wrong key length |
Hi there, According to the standards for HOTP the key should be a minimum of 128bits for best security, however the personalisation tool (windows) enforces a minimum of 160bits. I'm attempting to use a YubiKey to replace the Google Authenticator app and I notice that they use a key length of 80bits. Are we able to allow the personalisation program to use a variable key length instead of enforcing a 160bit key? That would allow me to use my YubiKey with Googles Existing Two-Factor Authentication system. You can take a look at the standard here: http://www.ietf.org/rfc/rfc4226.txt |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|