Activities of "shorhabelsc"

hi

You can change the GUID way based on your actually case.

There are no restrictions.

You are not answering my question at all. Thanks anyhow

Thanks for the feedback. yet I would like to confirm that the Sequential As String was used because the Guid was stored as char, and so if we decide to use binary format then it won't work well in this case?

Hello

I wonder if you have any feedback on the above

regards, Shorhabel

Hi,

Thank you for the feedback.

Microsoft explanation is related to their own implementation in AD B2C service, which is not related to the authenticator app itself not is related to what ABP Code is actually doing. Each server decides how long will it accepts the OTP token; and in their case it seems to be up to 5min,

Generally speaking It is common but not universal to accept, at a given time,

1. the current token,
2. the token from the previous window,
3. the token for the next window. This is done as a partial mitigation for potential clock skew issues on the client that's generating the TOTP codes (e.g. your phone). In practice this means every code is valid for 1m30s, although sites may customize this (with or without changing the window size, which is typically not done because that parameter must be consistent system-wide).

So the question, what is abp server code does in this regard? for how long it would accepts the token?

Regards, Shorhabel