%% You should probably cite rfc6238 instead of this I-D.
@techreport{mraihi-totp-timebased-08,
    number =    {draft-mraihi-totp-timebased-08},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-mraihi-totp-timebased/08/},
    author =    {David M'Raihi and Johan Rydell and Mingliang Pei and Salah Machani},
    title =     {{TOTP: Time-Based One-Time Password Algorithm}},
    pagetotal = 16,
    year =      2011,
    month =     feb,
    day =       24,
    abstract =  {This document describes an extension of the One-Time Password (OTP) algorithm, namely the HMAC-based One-Time Password (HOTP) algorithm, as defined in RFC 4226, to support the time-based moving factor. The HOTP algorithm specifies an event-based OTP algorithm, where the moving factor is an event counter. The present work bases the moving factor on a time value. A time-based variant of the OTP algorithm provides short-lived OTP values, which are desirable for enhanced security. The proposed algorithm can be used across a wide range of network applications, from remote Virtual Private Network (VPN) access and Wi-Fi network logon to transaction-oriented Web applications. The authors believe that a common and shared algorithm will facilitate adoption of two-factor authentication on the Internet by enabling interoperability across commercial and open-source implementations. This document is not an Internet Standards Track specification; it is published for informational purposes.},
}