Describes specific lessons learned and the best practices established for deploying Open Authentication Initiative HMAC-based One-Time Password (OATH-HOTP) compliant authentication systems. OATH-HOTP is a standard algorithm for calculating one-time passwords based on a secret (a seed value) and a counter.

Date Published: February 2016

Applies To: All YubiKeys (except for FIDO U2F Security Keys)

Download:  OATH-HOTP: Yubico Best Practices Guide

in Configuration GuidesDocumentation