-
Notifications
You must be signed in to change notification settings - Fork 209
/
README
22 lines (15 loc) · 811 Bytes
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
Ported from http://code.google.com/p/google-authenticator/
You can use the Google Authenticator app from here
http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=1066447
to generate One Time Passwords/Tokens and check them with this little
PHP app (Of course, you can also create them with this).
There are many real world applications for that, but noone implemented it yet.
See example.php for how to use it.
There's a little web app showing how it works in web/, please make users.dat
writeable for the webserver, doesn't really work otherwise (it can't save the
secret). Try to login with chregu/foobar.
What's missing in the example:
***
* Prevent replay attacks. One token should only be used once
* Show QR Code only when providing password again (or not at all)
* Regenrate secret