Description of Authentication/Synchronization look-back and look-ahead time

Document ID : KB000113464
Last Modified Date : 10/09/2018
Show Technical Document Details
Introduction:
Please elaborate the functionality of look ahead and look back window for authentication and synchronization.
Instructions:

Authentication Look Ahead Count

This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is increased to verify the OATH OTP entered by the user. The OATH OTP entered by the user is compared with all the OATH OTPs that are generated from current count - Authentication Look Back Count to current count + Authentication Look Ahead Count on the server, and if the OATH OTP entered by the user matches, then the user is authenticated.
Note: If the client and server OATH OTP matches, then that count is set as the current count on the server.

Authentication Look Back Count

This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is decreased to verify the OATH OTP entered by the user. The OATH OTP entered by the user is compared with all the OATH OTPs that are generated from current count - Authentication Look Back Count to current count + Authentication Look Ahead Count on the server, and if the OATH OTP entered by the user matches, then the user is authenticated.
Note: If the client and server OATH OTP matches, then that count is set as the current count on the server.

Synchronization Look Ahead Count

This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is increased to synchronize with the OATH OTP counter on the client device. To synchronize the client and the server OATH OTPs, the user has to provide two consecutive OATH OTPs and if these OATH OTPs match with the consecutive server OATH OTPs in the lookup range (count - Synchronization Look Back Count to current count + Synchronization Look Ahead Count), then the server counter is synchronized with the count corresponding to the second OATH OTP entered by the user.

Synchronization Look Back Count

This configuration specifies the number of times the OATH OTP counter on the CA AuthMinder Server is decreased to synchronize with the OATH OTP counter on the client device. To synchronize the client and the server OATH OTPs, the user has to provide two consecutive OATH OTPs and if these OATH OTPs match with the consecutive server OATH OTPs in the lookup range (count - Synchronization Look Back Count to current count + Synchronization Look Ahead Count), then the server counter is synchronized with the count corresponding to the second OATH OTP entered by the user.