The MultiOTP class is a strong authentication class in pure PHP that supports the following algorithms:
- mOTP (http://motp.sourceforge.net)
- OATH/HOTP RFC 4226 (http://www.ietf.org/rfc/rfc4226.txt)
- OATH/TOTP HOTPTimeBased RFC 4226 extension
multiotp works great with TekRADIUS - RADIUS Server for Windows, a very nice free RADIUS server for Windows from Yasin KAPLAN (now with MS-SQL or SQLite backend).
Now it is possible to import PSKC Algorithm Profiles containing tokens
definition for TOTP and HOTP algorithm. Thus, creating a user and attributing
a token is easier. You only need to give the name of the user, the token id
and the desired pin code of the user.
The multiotp-database-format flat file has been enhanced to version 3.
Regular attributes are written attribute=value and encrypted attributes are
now written encrypted_attribute:=encrypted_value. If you want to set a new pin
for a user, you can open the file of the user and change the line
user_pin:=ACQwJw== by user_pin=1234. The new value will be correctly read the
next time, and encrypted again the next time something is written in the file.
In debug mode, the command line version is now returning a text information
after the exit code.
checkmultiotp is a small script that will check
multiotp compliance with OATH/HOTP RFC4226. It must be
installed in the same directory as the multiotp.exe file.