OTP Soft Token - How to get the seed? (is it even RFC-6238 compliant?)

[pigsflew]

Hello!

I have set up the Soft Token for FFXIV, but I switch phones often (I develop mobile software for a living). As a result, I would prefer to have the OTP managed by a separate piece of open source software which is a standard implementor of RFC 6238 (used by Google, Microsoft, Amazon AWS, EA.com, Origin, Guild Wars 2, many others; see https://en.wikipedia.org/wiki/Google_Authenticator for info about the implementation).

For me, using an app this way I would be able to have the token added to two mobile devices at a time and would not have to remove and re-add the token from my account each time I change devices or if my phone dies, yet still have the control to be able to disable and change the OTP seed if I ever lose a device.

If you already are using an RFC 6238 implementation under-the-hood, can I get the seed key?

If you are not using an RFC 6238 implementation: why not?

If you were, you would:
- Automatically support Android, iOS, Windows Phone, through Google Authenticator and any other apps which implement the
- Can re-skin Google's own authenticator app which is permissive open source so you don't have to write/maintain your own
- It'd be far more convenient set-up for users, and far less prone to update-based issues like you've been having.

[worldofneil]

I'm pretty sure when I added my authenticator it also said some stuff about Digipass (which is what the physical token is) so no I don't think it's compatible

I would love to be wrong though as I would also like to be able to just add it to Google Authenticator (and in turn get it on multiple devices!). Unfortunately I can't see them changing it as for the most part the current system works and it'd probably cost them more money to switch to a new system when right now they rarely have to do anything with it.

Following this thread with interest!