Description of Authentication/Synchronization look-back and look-ahead time in Advanced Authentication
search cancel

Description of Authentication/Synchronization look-back and look-ahead time in Advanced Authentication

book

Article ID: 113464

calendar_today

Updated On:

Products

CA Advanced Authentication CA Strong Authentication CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort)

Issue/Introduction

Please elaborate the functionality of look ahead and look back window for authentication and synchronization.

Environment

Release:9.x
Component: WEBFRT( Strong Authentication)

Resolution

Authentication Look Ahead Count


This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is increased to verify the OATH OTP entered by the user. The OATH OTP entered by the user is compared with all the OATH OTPs that are generated from current count - Authentication Look Back Count to current count + Authentication Look Ahead Count on the server, and if the OATH OTP entered by the user matches, then the user is authenticated.
Note: If the client and server OATH OTP matches, then that count is set as the current count on the server.

Authentication Look Back Count


This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is decreased to verify the OATH OTP entered by the user. The OATH OTP entered by the user is compared with all the OATH OTPs that are generated from current count - Authentication Look Back Count to current count + Authentication Look Ahead Count on the server, and if the OATH OTP entered by the user matches, then the user is authenticated.
Note: If the client and server OATH OTP matches, then that count is set as the current count on the server.

Synchronization Look Ahead Count


This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is increased to synchronize with the OATH OTP counter on the client device. To synchronize the client and the server OATH OTPs, the user has to provide two consecutive OATH OTPs and if these OATH OTPs match with the consecutive server OATH OTPs in the lookup range (count - Synchronization Look Back Count to current count + Synchronization Look Ahead Count), then the server counter is synchronized with the count corresponding to the second OATH OTP entered by the user.

Synchronization Look Back Count


This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is decreased to synchronize with the OATH OTP counter on the client device. To synchronize the client and the server OATH OTPs, the user has to provide two consecutive OATH OTPs and if these OATH OTPs match with the consecutive server OATH OTPs in the lookup range (count - Synchronization Look Back Count to current count + Synchronization Look Ahead Count), then the server counter is synchronized with the count corresponding to the second OATH OTP entered by the user.