1Password doesn't support for other OTP periods

guyrozendorn

Looks like 1Password always generates QR codes for period=30, doesn't matter if there's something else in the URL;
For example, otpauth://totp/tows%40a?secret=FOOBAR&issuer=tows&period=600

---

1Password Version: 7.4.3
Extension Version: Not Provided
OS Version: OSX 10.15.4
Sync Type: iCloud

Ben

Hi @guyrozendorn

We do have a couple of open issues regarding the TOTP period specification, but in general TOTP periods longer than 30s should work. I just created one:

otpauth://totp/Ben?secret=SECRET&digits=6&period=90

600 for the period value did not work. It appears 99 is the longest we account for. Beyond that it is assumed to be an invalid entry and defaults back to 60. I looked for the spec that might outline how apps such as our should behave here, but I didn't find anything that defines the allowable values for the TOTP period. I'll put a word in with development to see if we can adjust this, or if it there is a spec that defines 99 as the maximum.

Ben

ref: dev/core/core#39

guyrozendorn

Thanks for the quick response; waiting to see if this can be fixed or not.

Ben

@guyrozendorn

You're very welcome. Do you have any example sites/services that use period values greater than 99? That may help push this along.

Ben

mathpere

Hello,

I'm currently putting in place in my organisation totp with period exactly equals to 600.
(Reason for a such long period: We want to temporarily allow unexperimented people to request a otp by SMS)

Do you plan to support longer period than 99 seconds?

Ben

@mathpere

I apologize for the delayed reply. I'm not aware of any definite plans, but we do appreciate the feedback and for you taking the time to share your use case with us. I've updated the issue I mentioned above for development to review. I can't make any promises at this point, but having a better understanding for how folks are using this may help it move forward.

Ben