From 6274ef3a28eb4111c0feb56bd9c33bc562fba34e Mon Sep 17 00:00:00 2001 From: Gray Date: Fri, 7 Apr 2017 10:57:38 -0400 Subject: [PATCH 1/2] Fixed some comments. --- .../j256/twofactorauth/TimeBasedOneTimePasswordUtil.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/j256/twofactorauth/TimeBasedOneTimePasswordUtil.java b/src/main/java/com/j256/twofactorauth/TimeBasedOneTimePasswordUtil.java index 026a58a..fd3d3db 100644 --- a/src/main/java/com/j256/twofactorauth/TimeBasedOneTimePasswordUtil.java +++ b/src/main/java/com/j256/twofactorauth/TimeBasedOneTimePasswordUtil.java @@ -35,7 +35,7 @@ *

* *

- * For more details of this magic algorithm, see: http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm + * For more details about this magic algorithm, see: http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm *

* * @author graywatson @@ -83,8 +83,8 @@ public static String generateBase32Secret(int length) { } /** - * Validate a given secret-number using the secret base-32 string. This allows you to set a window in seconds to - * account for people being close to the end of the time-step. For example, if windowSeconds is 10 then this method + * Validate a given secret-number using the secret base-32 string. This allows you to set a window in milliseconds to + * account for people being close to the end of the time-step. For example, if windowMillis is 10000 then this method * will check the authNumber against the generated number from 10 seconds before now through 10 seconds after now. * *

From b19bdd330fa7bd35356b48c7a6f50f3be58117d0 Mon Sep 17 00:00:00 2001 From: Gray Date: Sat, 8 Apr 2017 12:34:57 -0400 Subject: [PATCH 2/2] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ad581a5..8b7b508 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ You can use this code with the Google Authenticator mobile app or the Authy mobi ## To get this to work you: -1. Use `generateBase32Secret()` to generate a secret key for a user. For example: `"NY4A5CPJZ46LXZCP"` +1. Use `generateBase32Secret()` to generate a secret key in base-32 format for the user. For example: `"NY4A5CPJZ46LXZCP"` 2. Store the secret key in the database associated with the user account. -3. Display the QR image URL returned by `qrImageUrl(...)` to the user. Here's a sample from GoogleAPIs: +3. Display the QR image URL returned by `qrImageUrl(...)` to the user. Here's a sample which uses GoogleAPIs: ![Sample QR Image](https://chart.googleapis.com/chart?chs=200x200&cht=qr&chl=200x200&chld=M|0&cht=qr&chl=otpauth://totp/user@j256.com%3Fsecret%3DNY4A5CPJZ46LXZCP) 4. User uses the image to load the secret key into his authenticator application.