Purpose of the Altairis OTP Authentication Library is to allow easy support of one-time password authentication in .NET applications. The library supports both event-based one-time passwords (HOTP, RFC 2446) and time-based passwords (TOTP, RFC 6238).

Components and status

The ultimate goal is to build all components needed for such system, both on server (verifier) and client (prover) side. Current status (as of 2011-07-22) is:

ComponentStatusComments
Core libraryCompletedThe main part, generates and verifies OTPs.
Web server authentication moduleIn progressServer part, plug-in authentication module, based on Forms authentication.
Web server UI controlsPlannedServer UI controls, like standard Forms login control.
Virtual token for WindowsPlannedSoftware token for Windows desktops and notebooks.
Virtual token for Windows Phone 7PlannedSoftware token for Windows Phone 7.


There is enough virtual tokens for older mobile platforms like Windows Mobile, iOS, BlackBerry and Android. The standards-based hardware tokens are supported too. See List of compatible tokens for tokens known to work.

How to get it

At this time, the library is targeted only to developers and therefore only source code is available. I plan to release NuGet package once I have the authentication module ready.

Last edited Jul 29, 2011 at 4:18 PM by altair, version 5