here's my code in generating the qr code
public function getUrl($user, $hostname, $secret) {
$encoder = "https://chart.googleapis.com/chart?chs=200x200&chld=M%70&cht=qr&chl=";
$encoderURL = sprintf( "%sotpauth://totp/%s@%s",$encoder, $user, $hostname);
$finalEncodorURL = $encoderURL . "%26secret=". urlencode($secret);
return $finalEncodorURL;
}
supposedly this will generate a qr code, and it does. but when i scan this code using google authenticator app, it will generate an error
The barcode 'otpauth://totp/[email protected]&secret=UOPKN6QFW3J6PW74' is not a valid authentication barcode.
but when "manual entry" using the secret key, it'll work and i can login just fine using the generated key.
i found stuffs in the internet saying i should urlencode the data, i did, but still it wont work.
here's a sample url generated by the function above:
https://chart.googleapis.com/chart?chs=200x200&chld=M%70&cht=qr&chl=otpauth://totp/[email protected]%26secret=UOPKN6QFW3J6PW74
am i missing something or did something wrong?
Just replace &secret=
with ?secret=
(don't forget to url-encode).
Also I don't know if this is the case here but the account name cannot have a space. It would work if you scan with Androids, but not with iPhones (go figure!)
It appears that both Google and IOS Authenticator apps don't like spaces in the 'Account Name' in OTP QR Codes. Replace them with something like - or _ or remove them.
The Windows phone app allows spaces and a version I installed on a Android Phone 6 months ago worked. I didn't get chance to test IOS but it looks like IOS has an issue. Entering the key manually works just fine but not scanning a QR Code with a SPACE in it.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With