Skip to main content

HelloID

OATH

HelloID supports Open Authentication (OATH) classic hardware tokens for 2FA. These tokens are not vendor-specific, so there are a lot of cost-effective options available.

2022-10-20_11-33-55.jpg

To get started, go to Security > 2FA > Management, enable Hardware Token Authentication, and click Apply. Then, Add an OATH token or Import OATH tokens.

For a list of OATH tokens that have been tested with HelloID, see Supported 2FA hardware.

Time drift

The allowed clock skew for tokens is 15x the entry interval, in both directions. For example, if the interval is 30 seconds, the allowed skew is +/- 450 seconds. Or, if the interval is 60 seconds, the allowed skew is +/- 900 seconds.