How to generate OTP Number with 6 digits

java android one-time-password

79,687

Solution 1

Please do not reinvent the wheel - especially in case of security and cryptography. You might end up in a really bad state.

Use algorithms, that the community agreed upon like the HOTP and TOTP algorithm specified by the Open Authentication Iniative. These algorithms are also used by the google authenticater and specified in these RFCs. Read them. They are simple.

https://www.rfc-editor.org/rfc/rfc4226

https://www.rfc-editor.org/rfc/rfc6238

Solution 2

Check google authenticator. : https://github.com/google/google-authenticator it is open source project with OTP functionality

Source code for android app https://code.google.com/p/google-authenticator/source/browse/?repo=android

Here is source code for server side https://github.com/chregu/GoogleAuthenticator.php

Wikipedia article http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm

Solution 3

Easiest way is to just use DecimalFormat with Random class.

String otp= new DecimalFormat("000000").format(new Random().nextInt(999999));
System.out.println(otp);

Sample Outputs,

Solution 4

protected void onCreate(Bundle savedInstanceState)
 {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        Random otp  =new Random();

        StringBuilder builder=new StringBuilder();
        for(int count=0; count<=10;count++) {
            builder.append(otp.nextInt(10));
        }
        Log.d("Number", " " + builder.toString());

        TextView txt = (TextView) findViewById(R.id.txt);

        txt.setText(builder.toString());
   }

Solution 5

As stated in other answers, the rules on how to generate TOTP (RFC 6238) and HOTP (RFC 4226) codes are defined in RFC's. However if you don't want to implement them manually. You could always use a library.

For example, I created a library for creating one-time passwords: OTP-Java

Or you also look through the code on how the codes are generated if you prefer to implement it yourself.

View more solutions

79,687

Author by

Android Developer

Updated on August 18, 2021

Comments

Android Developer almost 3 years

What is an OTP number in a login authentication system? Is there any specific algorithm for generating OTP numbers using java (android). Or is an OTP something like random number? How can this be achieved, with optimization.
Mohammad Faisal over 8 years

+1 for providing the ietf links. For future visitors find the java implementation
Saif almost 8 years

can anyone please suggest any library which have these implementation . maven repo will do excellent.
cornelinux over 7 years

I would not recommend implementing 2FA directly in your application. If you want to use the 2nd factor for another application, you should not enroll a 2nd factor for the 2nd and 3rd application. You should manage your 2nd factor centrally and connect your application(s) to this central 2FA auth system. As I am involved I of course recommend privacyidea.org. There are already several plugins for web applications available. Alas, not for maven. But it is as easy as calling a Ajax request. privacyidea.readthedocs.io/en/latest/modules/api/…
Aditya Vats over 7 years

first i created an instance of Random class "otp"...loop is for number of digits i mention 10 ... for OTP count<6 after that otp.nextInt(10) tell that upto which digit it will take number ... 10 is specifying 0-10..if you don't want 0 just add 1 (1+otp.nextInt(10)) and last for just for print in textView i cast it into string .
RAHUL KUMAR SINGHA over 6 years

code edited by #Styx but nothing change in the code it's fine and executing as well..Thanx
TheRealChx101 over 5 years

Your answer doesn't help at all.If you do not want people to re-invent the wheel then why linking to the RFCs? It could have been better if you had given links to libraries instead.
cornelinux over 5 years

@TheRealChx101 funny you! The OP asked for an algorithm that should be used, not a library. I am no android or java guru. So why should I recommend a library. The information posted should be enough for him to use google to find his preferred library. You can do it, too! Just give it a try!
barbsan over 5 years

It prints number between 0 and 1 000 000. There's no guarantee it will return number with 6 digits.
Zoha Irshad over 5 years

It will give 6 digits OTP because I am using random package of until.
barbsan over 5 years

See the docs: public int nextInt(int bound) Returns a pseudorandom, uniformly distributed int value between 0 (inclusive) and the specified value (exclusive)
Madbreaks over 4 years

"Instances of java.util.Random are not cryptographically secure. Consider instead using SecureRandom to get a cryptographically secure pseudo-random number generator for use by security-sensitive applications." docs.oracle.com/javase/8/docs/api/java/util/Random.html
xxyyxx over 3 years

You don't know his use case though. If there's no intention to allow the user to save the seed to their own device then there's no need to use TOTP or HOTP.