TOTP and HOTP¶
- TOTP: Time-based One-Time Password. Generates password by combining shared secret with unix timestamp.
- HOTP: HMAC-Based One-Time Password. Similar to TOTP, except an incrementing counter is used instead of a timestamp. Each time a new OTP is generated, the counter increments.
OTP generation is similar for both TOTP and HOTP. The only difference is that HOTP requires the current counter to be passed.
import Crypto // Generate TOTP let code = TOTP.SHA1.generate(secret: "hi") print(code) "123456" // Generate HOTP let code = HOTP.SHA1.generate(secret: "hi", counter: 0) print(code) "208503"
TOTP and HOTP shared secrets are commonly transferred using Base32 encoding. Crypto provides conveniences for converting to/from Base32.
import Crypto // shared secret let secret: Data = ... // base32 encoded secret let encodedSecret = secret.base32EncodedString()
Data extensions for more information.