Michael Starke edited this page Mar 21, 2022 · 2 revisions

MacPass supports both HMAC-based one-time passwords (RFC 4226) and Time-based one-time passwords (RFC 6238).

Both kinds of one-time password require you to add special custom strings to an entry. The KDBX container has native support for both, but numerous other variations for time-based one-time passwords have appeared since. If an entry has all the settings required to calculate a one-time password, you can use the placeholders {HMACOTP} and {TOTP} or {TIMEOTP} to insert HMAC- and time-based one-time passwords. Those placeholders are available for entry fields as well as for Autotype sequences.

HMAC-Based One-Time Passwords

HMAC-based one-time passwords require a secret. You can supply the secret in different encodings.

  • HmacOtp-Secret
  • HmacOtp-Secret-Hex
  • HmacOtp-Secret-Base32
  • HmacOtp-Secret-Base64

If MacPass finds more than one secret for an entry, the first one gets used! The encoding has to match the required one, since MacPass does not try to guess the format if mismatches occur. When the plain-text secret is used, MacPass uses the UTF-8 encoding.

  • HmacOtp-Counter

This field holds the counter in decimal format. A counter is generated automatically if none was found. The counter gets updated every time a new OTP is generated. The counter gets incremented every time MacPass copies a field with the {HMACOTP} placeholder or evaluates an Autotype sequence containing the {HMACOTP} placeholder. Consider this when interacting with an entry. The default value is 0.
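
The following Python sketch is an added example, not MacPass code. It shows how the secret fields and HmacOtp-Counter described above map onto the RFC 4226 calculation. It assumes 6-digit codes with HMAC-SHA-1, that secrets are looked up in the order listed above, and that the stored counter is used for the code and then incremented.

```python
import base64, hashlib, hmac, struct

# Field names from the page; the lookup order is an assumption (the page only
# says the first secret found is used).
DECODERS = {
    "HmacOtp-Secret": lambda s: s.encode("utf-8"),
    "HmacOtp-Secret-Hex": bytes.fromhex,
    "HmacOtp-Secret-Base32": lambda s: base64.b32decode(s, casefold=True),
    "HmacOtp-Secret-Base64": base64.b64decode,
}

def load_secret(fields):
    """Return the key bytes of the first secret field present; no format guessing."""
    for name, decode in DECODERS.items():
        if name in fields:
            return decode(fields[name])  # raises ValueError on an encoding mismatch
    raise KeyError("entry has no HmacOtp-Secret* field")

def hotp(key, counter, digits=6):
    """RFC 4226: HMAC-SHA-1 over the 8-byte big-endian counter, dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def next_hotp(fields):
    """Generate one code and advance HmacOtp-Counter (assumed: use, then increment)."""
    counter = int(fields.get("HmacOtp-Counter", "0"))  # decimal, default 0
    code = hotp(load_secret(fields), counter)
    fields["HmacOtp-Counter"] = str(counter + 1)
    return code

# Constructed sample entry using the RFC 4226 Appendix D test key.
entry = {"HmacOtp-Secret": "12345678901234567890"}
if __name__ == "__main__":
    print(next_hotp(entry), next_hotp(entry), entry["HmacOtp-Counter"])
```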

How to add a HMAC-Based One-Time Password

TODO

Time-Based One-Time Passwords

TODO

How to add a Time-Based One-Time Password

TODO