TOTP algorithm posteo


I use Android FreeOTP on my mobile device to login via 2F on the web mail service “posteo” at the moment. In the FreeOTP application I can select the algorithm for TOTP (SHA1, MD5, SHA256 and SHA512), by default SHA1 is selected and it works (other do not work for this service). Unfortunately, it does not work with my Nitrokey Pro. What algorithm is Nitrokey using? Can I change it for individual slots?

Thanks in advance!


It should work! Please check, are other parameters correct (e.g. period - 30? 60?), and the entered string is correctly interpreted (select between Hex and base32 modes and see, if they are exact with the one on the page).
There might be a problem with the time synchronization as well - device’s clock is set on Nitrokey App’s start, and its value is taken from the host PC. Precision up to 30 seconds is usually required. It could be easily fixed with any NTP synchronization application (Windows/Linux are distributed with such tools). Mobile devices are synchronized automatically with the network’s clock.

According to the source code, Nitrokey Pro uses SHA1. Implementation is tested each release against RFC4226 / RFC6238 test codes and other tools as well.

As for the last question, we do not support any other hash functions at the moment. I never heard of any service using other hash function too, but it is allowed according to the standard.


if I remember correctly I even tested the Nitrokey Pro with my Posteo account, so yes, it should work. Please let us know how the tips given by @szszszsz worked out for you.

Kind regards

Actually, how did you try to make it work with Nitrokey? You used the Nitrokey App, right? What exactly did you do anyway and what was the result (e.g. error messages and alike)?