Initialization: Setting secret
The card accepts secret in slightly modified Google Authenticator otpauth URL. (no counter or any parameter other than secret)
otpauth://hotp/username@server/?secret=base32encodedsecret
Please note that counter currently can't be set using URL, and restarted to 0 when the key is updated
Example: for RFC 4226 test secret 0x31 0x32 0x33 0x34 0x35 0x36 0x37 0x38 0x39 0x30 0x31 0x32 0x33 0x34 0x35 0x36 0x37 0x38 0x39 0x30 OTPAUTH URL would look like this:
otpauth://hotp/[email protected]?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
Note: account name ([email protected] in this example) is usually used in software generators to label added account. It is not used in OTP computation and is ignored by the card.
Please make sure you have set payload before setting secret, as every time card is being written on some card read operations are executed, causing generation of new OTP codes, which may result in desynchronization of counter on server and on card.
Procedure is similar to loading any other URL and is described on Setting payload page and on following animation.
After these steps are finished, the card is ready to use.
