Problem
We are using TOTP and noticed a few problems reported by some of the ArcotID OTP mobile app users, such as:
- As my mobile phone clock is running faster or slower, authentication failures start happening some days after ArcotID OTP activation.
- TOTP change interval is too short to allow me to finish the input.
Solution
Additional to enabling time synchronization on the mobile phone or using some Clock Sync App to synchronize the mobile clock, we can also mitigate the problems by tweaking some settings on Arcot Administration Console.
For the first problem, we can increase the following Count on the ArcotOTP Authentication Policy:
- Authentication Look Ahead Count
- Authentication Look Back Count
For the second problem, we can increase the Time Step setting on the ArcotOTP Issuance Policy:
