6.2.2. Disable the autoresync function#
Open the LinOTP management with https://<linotp-server-ip>/manage
Navigate to ‘LinOTP Config’ in the menu and select ‘System Config’ there
In the line ‘Auto resync’ remove the check mark
‘Save Config’ to apply the configuration
This reliably prevents the possible attack by reusing OTP. As long as the function is not activated again, your system remains secure.