3.1. Default Settings

The settings of the server are stored in the token database, which is defined in the file linotp.ini. For configuring the server settings go to the menu Config → LinOTP Server Configuration. In this configuration dialog you can configure token default values, which are set to tokens, that are enrolled or imported anew.

The Sync Window is the window size the HMAC OTP algorithm should look into when resynchronizing HMAC OTP bases tokens. This is to avoid, that LinOTP will compute forever when resynchronizing tokens with wrong OTP values.

The Count Window defines the value, how many additional OTP values LinOTP will compute to verify the OTP value entered by the user.

The OTP Length is the length of the generated OTP values. The eToken NG-OTP and also the Safeword Alpine and eToken PASS all use 6 digits. Nevertheless RFC 4226 also allows to use 8 digits, which might be used by other tokens. If you are using tokens from SafeNet, leave this as 6 digits.

If the user fails to authenticate for more than Maximum Fail Count times, the tokens of the user get locked. Locked tokens need to be removed or unlocked.