I’m currently testing an OTP scenario using the website https://otptest.de/ and the OTP.NET library. However, I’m consistently getting different OTP PINs between my code and the website. I have provided my code in the following gist: text
I would appreciate any guidance on how to resolve this discrepancy and ensure that the OTP PIN generated by my code matches the one generated by the otptest.de website.
Tried otp scenario. Didn’t generate same one with the website.
>Solution :
I’ve run into this myself. The "secret" provided by most OTP generators is BASE32-encoded. OTP.NET expects the decoded bytes as a secret.
The following code produces the same token as the test site. It uses the Base32Encoding helper class to decode the secret into the actual bytes:
var base32Bytes = Base32Encoding.ToBytes("MYM5VAQ");
var otp = new Totp(base32Bytes);
var token=otp.ComputeTotp();