I've recently joined a new company, and my corporate login requires an additional TOTP.
I've tried using the same QR code generated for the TOPT on several TOTP generators, and have had mixed results:
- Authenticator extension for Google Chrome, invalid TOTP
- 1Password extension for Google Chrome, invalid TOTP
- 1Password app for macOS, valid TOTP
- 1Password app for iOS, valid TOTP
- Google Authenticator app for iOS, valid TOTP
Google Chrome is running on the same Macbook as 1Password, and both the date/time values on my iPhone and Macbook are being synchronised with an NTP server.
Does anyone have any idea why the TOTPs generated are all invalid when using Google Chrome extensions?
Best Answer
After checking with the respective teams supporting 1Password and Authenticator, it has been determined that the invalid TOTP generated was due to how the 'period' parameter was being handled.
The 1Password team has released a new version of their extension, and I've verified it to work perfectly, and a feature request has been raised in the Authenticator GitHub repo.