To prevent replay attacks, OTPs already used should be considered invalid.
Description
Description
Details
Details
- Ticket Type
- Task
Event Timeline
Comment Actions
This is implied with HOTP, and implemented, but not yet for TOTP.
TOTPs should validate from the time issued + margin on to the time submitted + margin.