Many TOTP code generation apps do not support anything else than SHA1 hash, even if the RFC recommends the use of SHA2 (SHA-256 or SHA-512).It is difficult to get the exact info by platform and by application. I found this article on the subject but it does not say what kind of non-default parameter makes an application fail: Laban Sköllermark | Mobile Authenticator Apps Algorithm Support Review - 2023 Edition (labanskoller.se) For example, I could scan your code with Authy, MS Authenticator and Google Authenticator on Android. Authy and MSA generated the same code, but not Google. I do not know which one is correct (I could test on my Guacamole but do not want to get locked out...) If you want maximum compatibility, stay with sha1. The expiration of the time based codes more than compensates for the "lower" security of sha1. CheersAntoine (PS: if you see some connection attempts from France, blame me, I could not resist giving it try...)
Le jeudi 5 octobre 2023 à 14:53:00 UTC+2, Giacomo Marconi <g.marc...@comune.arezzo.it> a écrit : hi Nick I’ve already tried default settings, and checked the time/date Giacomo On 5 Oct 2023, at 14:38, Nick Couchman <vn...@apache.org> wrote: | Questa email arriva da un mittente insolito. Assicurati che sia qualcuno di cui ti fidi. | On Thu, Oct 5, 2023 at 8:03 AM Giacomo Marconi <g.marc...@comune.arezzo.it> wrote: Hi All in my last Guacamole installation ver 1.5.3), the QR Code generated seems to be wrong.The same TOTP App works only on one platform, for example Google Authenticator read the qr code in Android, but not in IOS. FreeOTP is working in IOS, but not in Android!As you can see in the attachment the Secret Key is strangely long.I’ve tried to change the plugin (1.5.3/1.5.2/1.5.1) and the java (Oracle JKD and openJDK) versions, without success. Is it already happened to someone ? I think the usual questions that come up are:* Are you trying to change any of the parameters related to TOTP, or are you using the defaults (digits, time, etc.)?* Have you verified that the clock on your Guacamole server(s) and your mobile devices are in sync? -Nick