48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# The contents of this file are subject to the terms of the Common Development and
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# Distribution License (the License). You may not use this file except in compliance with the
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# specific language governing permission and limitations under the License.
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# When distributing Covered Software, include this CDDL Header Notice in each file and include
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# Header, with the fields enclosed by brackets [] replaced by your own identifying
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# information: "Portions copyright [year] [name of copyright owner]".
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna# Copyright 2012-2015 ForgeRock AS.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaauthentication=Authentication Modules
48b78901f656af2c67b9b0702a15e7596eb74c54David LunaiPlanetAMAuthAuthenticatorOATHServiceDescription=ForgeRock Authenticator (OATH)
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa500=Authentication Level
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa500.help=The authentication level associated with this module.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa500.help.txt=Each authentication module has an authentication level that can be used to indicate the level of security \
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaassociated with the module; 0 is the lowest (and the default).
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa501=One Time Password Length
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa501.help=The length of the generated OTP in digits, must be at least 6 and compatible with the hardware/software OTP \
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna generators you expect your end-users to use. For example, Google and ForgeRock authenticators support values of 6 and 8.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa502=Minimum Secret Key Length
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa502.help=Number of hexadecimal characters allowed for the Secret Key.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa503=Secret Key Attribute Name
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa503.help=The name of the attribute in the user profile to store the user secret key.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa504=OATH Algorithm to Use
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa504.help=Choose the algorithm your device uses to generate the OTP.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa504.help.txt= HOTP uses a counter value that is incremented every time a new OTP is generated. TOTP generates a new OTP every few seconds as specified by the time step interval.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa505=HOTP Window Size
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa505.help=The size of the window to resynchronize with the client.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa505.help.txt=This sets the window that the OTP device and the server counter can be out of sync. For example, if the window size is 100 and the servers last successful login was at counter value 2, then the server will accept a OTP from the OTP device that is from device counter 3 to 102.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa506=Counter Attribute Name
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa506.help=The name of the attribute in the user profile to store the user counter. This is required if HOTP is chosen as the OATH algorithm.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa507=Add Checksum Digit
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa507.help=This adds a checksum digit to the OTP.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa507.help.txt=This adds a digit to the end of the OTP generated to be used as a checksum to verify the OTP was generated correctly. This is in addition to the actual password length. You should only set this if your device supports it.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa508=Truncation Offset
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa508.help=This adds an offset to the generation of the OTP.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa508.help.txt=This is an option used by the HOTP algorithm that not all devices support. This should be left default unless you know your device uses a offset.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa509=TOTP Time Step Interval
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa509.help= The TOTP time step in seconds that the OTP device uses to generate the OTP.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa509.help.txt=This is the time interval that one OTP is valid for. For example, if the time step is 30 seconds, then a new OTP will be generated every 30 seconds. This makes a single OTP valid for only 30 seconds.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa510=TOTP Time Steps
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa510.help=The number of time steps to check before and after receiving a OTP.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa510.help.txt=This is the number of time step intervals to check the received OTP against both forward in time and back in time. For example, with 2 time steps and a time step interval of 30 seconds the server will allow a clock drift between client and server of 89 seconds. (2-30 second steps and 29 seconds for the interval that the OTP arrived in)
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa511=Last Login Time Attribute
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa511.help=Attribute to store the time of the users last login. This is required if TOTP is chosen as the OATH algorithm.
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa511.help.txt=This attribute stores the last time a user logged in to prevent time based attacks. The value is stored as a number (Unix Time).
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa514=Maximum Allowed Clock Drift
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa514.help=Number of time steps a client is allowed to get out of sync with the server before manual resynchronisation\
48b78901f656af2c67b9b0702a15e7596eb74c54David Luna is required.
8504562b2c91d9df466ab3e2b3ca9e0657db4651David Lunaa515=Name of the Issuer
48b78901f656af2c67b9b0702a15e7596eb74c54David Lunaa515.help=Name to identify the OTP issuer. Must contain only alphanumeric characters (no spaces or special characters).
48b78901f656af2c67b9b0702a15e7596eb74c54David LunaauthFailed=Authentication Failed
48b78901f656af2c67b9b0702a15e7596eb74c54David LunaoutOfSync=Device has exceeded maximum clock drift. Please re-register your device.