We have a task in our company now - to choose such devices that it is possible to change TTL for OTP depending on the situation. I've dug through a lot of information, and recently came across a topic that not all tokens allow to easily change these settings. Who has experience with this? What is the best option to take, so that there are no problems with integration and security?
I have just recently dealt with this issue, and I can say that it is worth paying attention to different otp tokens that allow you to manage the lifetime of codes flexibly. I was helped by one resource, which gives a detailed description of programmable tokens and their capabilities - thanks to this, I was able to choose a model that perfectly suits our tasks. The main thing is that the device supports standards and allows you to configure TTL parameters through a convenient interface. I used just such tokens, and everything worked without any problems.
The idea of customizing the lifetime of one-time passwords seems very practical, as different services require varying levels of protection. Although I have not worked with such tokens, it seems to me that the market now offers many options, and it is important to choose something convenient and reliable. I wonder how this flexibility in settings is technically implemented.
