What is an OTP number in a login authentication system? Is there any specific algorithm for generating OTP numbers using java (android). Or is an OTP something like random number? How can this be achieved, with optimization.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
Please do not reinvent the wheel - especially in case of security and cryptography. You might end up in a really bad state.
Use algorithms, that the community agreed upon like the HOTP and TOTP algorithm specified by the Open Authentication Iniative. These algorithms are also used by the google authenticater and specified in these RFCs. Read them. They are simple.
http://tools.ietf.org/html/rfc4226
https://tools.ietf.org/html/rfc6238
回答2:
Check google authenticator. : https://github.com/google/google-authenticator it is open source project with OTP functionality
Source code for android app https://code.google.com/p/google-authenticator/source/browse/?repo=android
Here is source code for server side https://github.com/chregu/GoogleAuthenticator.php
Wikipedia article http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
回答3:
protected void onCreate(Bundle savedInstanceState)
{
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Random otp =new Random();
StringBuilder builder=new StringBuilder();
for(int count=0; count<=10;count++) {
builder.append(otp.nextInt(10));
}
Log.d("Number", " " + builder.toString());
TextView txt = (TextView) findViewById(R.id.txt);
txt.setText(builder.toString());
}
回答4:
Easiest way is to just use DecimalFormat with Random class.
String otp= new DecimalFormat("000000").format(new Random().nextInt(999999));
System.out.println(otp);
Sample Outputs,
002428
445307
409185
989828
794486
213934
回答5:
I have the same difficulty to find simple rule about it.
There are a lot of content explaining about OTP like "Time Synchronized" etc..., however I was looking for a simple solution while keeping the system's security.
In my case I keep the 2FA (Two Factor Authentication), that already gives a lot of security.
A relevant info about JAVA for random generator (see: SecureRandom) Important if you want a unique number generation, avoiding repeats.
Examples:
https://www.securecoding.cert.org/confluence/display/java/MSC02-J.+Generate+strong+random+numbers
Details about it: http://resources.infosecinstitute.com/random-number-generation-java/
Based on examples above I implemented the following snippet:
public class SimpleOTPGenerator {
protected SimpleOTPGenerator() {
}
public static String random(int size) {
StringBuilder generatedToken = new StringBuilder();
try {
SecureRandom number = SecureRandom.getInstance("SHA1PRNG");
// Generate 20 integers 0..20
for (int i = 0; i < size; i++) {
generatedToken.append(number.nextInt(9));
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return generatedToken.toString();
}
}
回答6:
public static void main(String []args){
java.util.Random r=new java.util.Random();
int otp = r.nextInt(1000000); // no. of zeros depends on the OTP digit
System.out.println(otp);
}
回答7:
First of all OTP stands for one time password it is used for the authentication and
verification this is code is for java implemented in netbeans IDE
You have to register on the msg91.com for the api genration and that gives free 250
msgs.
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Random;
import javax.swing.JOptionPane;
public class SMS {
String num,otp;
SMS(String mob)
{
num=mob;
}
static String otpGenerator()
{
String numbers = "0123456789";
String x="";
Random rndm_method = new Random();
char[] otp = new char[4];
for (int i = 0; i <4; i++)
{
otp[i]=numbers.charAt(rndm_method.nextInt(numbers.length()));
x=x+otp[i];
}
return x;
}//this is the function for the random number generator for otp
public void sms(String otp)
{
try {
String apiKey = "api key on msg91.com";
String message = otp;
String sender = "TESTIN";
String numbers = num;
String a="http://api.msg91.com/api/sendhttp.php?
country=91&sender="+ sender +"&route=4&mobiles=" + numbers +"&authkey=api
key on msg91.com&message="+message+" ";
//System.out.println(a);
// Send data
HttpURLConnection conn = (HttpURLConnection) new URL(a).openConnection();
String data = apiKey + numbers + message + sender;
conn.setDoOutput(true);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Length", Integer.toString(data.length()));
conn.getOutputStream().write(data.getBytes("UTF-8"));
final BufferedReader rd = new BufferedReader(new
InputStreamReader(conn.getInputStream()));
final StringBuffer stringBuffer = new StringBuffer();
String line;
while ((line = rd.readLine()) != null) {
//stringBuffer.append(line);
//JOptionPane.showMessageDialog(null, "message"+line);
System.out.println("OTP SENT !");
}
rd.close();
//return stringBuffer.toString();
} catch (Exception e) {
JOptionPane.showMessageDialog(null,e);
}
}
//now you have to call this function and send your number as the parameter
public Start() {
this.setUndecorated(true);
initComponents();
jPasswordField1.setBackground(new Color(0, 0, 0, 0));
jPasswordField1.setOpaque(false);
//jPasswordField1.setBorder(null);
this.setBounds(300, 200, 707, 390);
SMS otp=new SMS("your number");
x=otp.otpGenerator();
otp.sms(x);
}
回答8:
import java.util.*;
public class OTP2 {
static char[] OTP(int len) {
System.out.println("Generating OTP using random ()");
System.out.print("Your OTP is:");
// Using numeric values
String numbers = "0123456789";
// Using random method
Random rndm_method = new Random();
char[] otp = new char[len];
for(int i=0; i<len;i++) {
// use of charAt() method : to get character value
// use of nextInt() as it is scanning the value as int
otp[i] = numbers.charAt(rndm_method.nextInt(numbers.length()));
}
return otp;
}
public static void main(String args[]) {
int length = 6;
System.out.println(OTP(length));
}
}
