I could not find a .NET implementation of the HMAC-Based One Time Password (HOTP) algorithm as specified in RFC4226 so i decided to write one myself. Because the Time-Based OTP (TOTP) algorithm is an application of HOTP, more specifically: TOTP = HOTP(K, T) with T = (Current Unix time – T0) / Timestep, i have implemented that algorithm too.

You can find both Be.Timvw.Framework.Security.HmacOneTimePassword and Be.Timvw.Framework.Security.TimeOneTimePassword in the BeTimvwFramework. For more information about authentication i would recommend the specifications and technicals resources at the OATH.