I want to extend the refresh time of verification code to 1 hour or more. What can I do instead?

[QTNiCheng]

Now the verification code is 30 seconds by default. I have queried a lot of data and have not found a way to modify the refresh time.

[ThomasHabets]

1h or more? Why? Maybe try HOTP?

Sure, I would accept well-written PRs to implement this. But do you even have an OTP generator that supports this?

[QTNiCheng]

Thank you for your reply.
I have encountered some scenes, which is not particularly high for security requirements. I can allow 1 hour to refresh a verification code, or for a longer time. I think there will be some people who have encountered similar situations.
I found a OTP for PYTHON. It seems that you can modify the trigger time, but I have not tested it.
https://github.com/grahammitchell/google-authenticator

[LoganDark]

do you even have an OTP generator that supports this?

KeePassXC supports configuring TOTP parameters, including changing the algorithm (SHA-1, SHA-256 or SHA-512), time step, and code size (how many digits).

[akerl]

It’s worth noting that if you extend the time, you also reduce how frequently you can auth (assuming you disallow reuse, which you should do). If the time step is 1h, you can only log in once an hour.

[LoganDark]

Couldn't be me, I can't get sshd/PAM configured to use google-authenticator properly anyway. :P

[ShadowOfHeaven-Me]

I agree that the time extension feature would be very handy, alongside the possibility to reuse the code. Adding some kind of warning when setting it high might be for the best. Otherwise, for different situations it's best to have more customizability