摘要 |
A mobile phone user is authenticated by an app 180 which generates two time-based codes 182 from a seed record 183, each associated with a different time slot, in order to output a composite code 130 (eg. a QR code or Near Field Communication/Bluetooth code). A time slip of several hours (eg. an international flight) can be accommodated by searching for two time slots over a long timescale (ie. +/- 13 hours) only if the first time-slot authentication fails for a short time range (eg. +/- 5 minutes). After initial enrolment, each subsequent login QR code 175 contains a user name, password and current one-time code generated from the seed record and current time. |