[
https://issues.apache.org/jira/browse/GUACAMOLE-1056?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nick Couchman updated GUACAMOLE-1056:
-------------------------------------
Priority: Minor (was: Major)
> Add support for tracking the time drift between guacamole and TOTP-tokens
> -------------------------------------------------------------------------
>
> Key: GUACAMOLE-1056
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1056
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-auth-totp
> Reporter: Stefan
> Priority: Minor
>
> Tokens/Display cards which generate codes directly on the device have an
> internal clock. According our investigates it seams to be normal that a time
> drift of 2 second per week seems to be in a common range. At some point the
> time drift of these token is to high so the TOTP- extensions rejects the
> generated codes. Because it is not possible to correct the on an easy way, we
> will add a tracking of this time drift.
> We added a new attribute for storing the value of the time drift next to the
> TOTP-Key. The module will accept 3 codes, one previous, one on time and one
> in the future. Depending on the accepted code the value will be decremented
> (previous) or incremented (future) or unchanged (on time). The new value will
> be used to compensate the timedrift on the next login.
> The changed code will follow the next days.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
