[RADIATOR] TOTP authentication with Oracle

Martin Mersberger martin at mersberger.de
Thu Aug 2 10:35:58 UTC 2018

Hi Denis,

> I rebuilt google authenticator secret, scanning the QR code provided by
> google, I checked the algorith (it seems to me SHA1 is the correct one)
> and time synchronization between radius server and phone.

Did you use the secret like used on google authenticator on Radiator DB
AFAIK, google auth keys are Base32 encoded while radiator uses hex
encoding of the key.

We do use TOTP alot (using sqlite backend) and after I figured the
above, it was working without any issues (assuming time of token
generator and server is in sync; Some Windows Phones had issue some time


PS: http://tomeko.net/online_tools/base32.php?lang=en could be used to
convert as well as

perl -MConvert::Base32  -e 'print uc(unpack("H*", decode_base32("YOUR
SECRET HERE")))."\n";'

More information about the radiator mailing list