Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Blizzard Authenticator]Add option for variable length OTP codes #5

Open
TheManii opened this issue Dec 2, 2019 · 2 comments
Open

[Blizzard Authenticator]Add option for variable length OTP codes #5

TheManii opened this issue Dec 2, 2019 · 2 comments

Comments

@TheManii
Copy link

TheManii commented Dec 2, 2019

Issue: Blizzard accounts use the same, standard TOTP formula as most common TOTP accounts, only that it uses 8 digit OTP codes instead of the more common 6 digit codes

What I saw: (example) 123456
What I expected: (from winauth with same secret) 90123456

How to reproduce:

  1. Download Winauth
  2. Create a new blizzard authenticator
  3. Export the authenticator to a text file
  4. Import the secret into winotp
  5. Observe the last 6 digits match.

The formula is definitely the same, as watching multiple keys produces the same last 6 digits in both, only the first 2 are cut off.
@VladimirAkopyan
Copy link
Owner

This is interesting, I should not be too difficult.

@TheManii
Copy link
Author

TheManii commented Dec 2, 2019

You can confirm the formulas in

  1. WinBMA: https://code.google.com/archive/p/winbma (MIT)
  2. WinAuth https://github.com/winauth/winauth (GPL-3)

You can also recover the secret from the serial and restore code, but that's specific to Blizzard authenticators.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@VladimirAkopyan @TheManii