pasamio / oathtoken Goto Github PK

I'm an iPhone newbie.  Please let me apologize in advance if there's some 
standard way of doing things that I should know about but don't.

I'm just not seeing how I can delete a token?  Locked down or not?

Seems like a welldone app though.

OATH Token 1.0.4 currently in the appstore says it requires iOS 4.0.2. I have a 
first-generation iPod Touch, so it's impossible for me to use iOS4.

Any reason for lacking 3.x compatibility? Maybe related to the fix for issue 10?

What steps will reproduce the problem?

1. Specify the secret key 12345678901234567890 (as defined in the specification 
- http://tools.ietf.org/html/rfc4226)
2. Set count to 0
3. Generate pin

What is the expected output? What do you see instead?

Expected:

Count-Pin
0-755224
1-287082
2-359152
3-969429

Actual:

Count-Pin
0-803282
1-039425
2-233531
3-573854

What version of the product are you using? On what operating system?

1.0.1 on iPhone 3G 3.1.3

Please provide any additional information below.

I feel like I'm insane since no one else seems to have noticed the issue. But i 
checked and double checked and triple checked. At first i thought it was my 
code, but i generated a table of pins for incrementing keys. I compared it to 
the test case in the RFC and they match EXACTLY. I googled for an online 
javascript version and the results i get are the same as the RFC and the code i 
have. Am i hallucinating? Surely someone else must have noticed this since we 
are all following the same spec here....

What steps will reproduce the problem?
1. Try to install OATH Token via iTunes

What is the expected output? What do you see instead?
Fails to install.  Under the applications tab in iTunes, the box is unchecked 
so it won't install.  
Clicking the box and re-syncing shows that it attempts to install, but then 
doesn't install.  
Checkbox becomes unchecked again automatically.

What version of the product are you using? On what operating system?
OS X 10.6.3

Please provide any additional information below.
I'm guessing this is some compatibility issue with iPhoneOS 3.1.2.

What steps will reproduce the problem?
1. Enable personal hotspot on the iPhone
2. Connect a computer to the iPhone's wlan, now a blue status bar on the phone 
shows a blinking message about one connected computer
3. Open OATH Token application and try anything, no response from any of the 
GUI elements

What is the expected output? What do you see instead?
I expect the app to generate a one time password, or show info if i press the 
small 'i' or allow me to do anything in it's GUI. What I see is unresponsive 
buttons and other GUI elements, and a still present status bar.

What version of the product are you using? On what operating system?
OATH Token 1.0.5 (r56) on iOS 7.0.2 on an iPhone 5 (plain, no S or C or 
anything)

Please provide any additional information below.
I suspect that it is the actual status bar that gives the problem, especially 
as the green status bar from an ongoing telephone call gives the same effect. I 
also believe that it probably arose in iOS 7, as I cannot recall ever seeing 
this problem before. The status bar is present inside the app and distorts the 
GUI elements as well - maybe the app can hide the status bar?

Anyway, Thank's for a great app, and I can still get by as I do not need time 
based tokens, so at least for me, this is not very urgent.

Specification here:

http://code.google.com/p/google-authenticator/wiki/KeyUriFormat

When a PIN is displayed, touching it should highlight and bring up the
"Copy" to clipboard option. This allows easy entry of the PIN via the
iPhone web browser.

- Allow resorting the key list using iPhone table cell movement controls
- On startup, by default select the first item in the list

This is not a serious issue, just an annoyance.  We like the tool very much - 
keep up the good work!

In our environment we connect to many devices in many remote locations. These 
are often simultaneous logins and our current tokens permit pressing the button 
to toggle off, and back on into the next token code.  This helps us expedite 
connection and resolution.

Would it be reasonable to make it possible to tap the token name or code (or 
even a refresh option you press twice?) and generate the next token code?  We 
are prepared to deploy 10 internal and 10 external tokens based on your app.

We are currently all using this on iPhones, latest code on phones and 
v1.0.3(r46) for the token.

Add support for reading a q-code (via the camera) of any URL supported by 
oathtoken.

Hi Mr. Cobbs,

attached to this message, you'll find my patch for the latest iOS4 
FileProtection features, thus the token.plist file will be stored encrypted on 
the iPhone (if the user got an iPhone >= 3GS and iOS >= 4.0 and lock screen 
enabled).

If you're interested in this patch, it would be nice if you'll push it to this 
project :-)

Cheers
Maddin

it would be useful to be able to set a pin on each token which is required 
before a password can be generated.

What steps will reproduce the problem?
1. Add a token in lock down
2. try to remove it
3.

What is the expected output? What do you see instead?
I expect to be unable to edit/view the token, but expect to be able to remove 
it.  makes testing hard!  :)

What version of the product are you using? On what operating system?
1.0.1

Please provide any additional information below.
Great app otherwise.

What steps will reproduce the problem?
1. Start app and select a time based token
2. Exit app, wait one interval length (30 or 60 seconds)
3. Start app again

What is the expected output?

A new OTP since more than "interval" seconds have passed

What do you see instead?

The same OTP as before.
But as soon as a click on the token name the correct OTP is displayed

What version of the product are you using? On what operating system?

1.0.2, iphone 3gs

Please provide any additional information below.

This might be caused by a missing "[self recalculatePassword];" line in in the  
"viewWillAppear" function in MainViewController.m. Just a guess though...

This Token is really good - nice work.

Now that you implemented HOTP and TOTP specs, it would not be a big task to 
implement OCRA with counter or time moving factor.
It is very few new code once you have HOTP+TOTP.

It could be a new selector like:
(Event Based) - (Time Based) - (Challenge Based)

And in challenge, the configuration would consist in providing the OCRASuite 
and OATH secret key (and optionally the OCRA PIN).

Note: If you are interrested, you can use my software for testing OCRA : OpenOTP