Outer Web | Explore

Explore >> Select a destination

You are here		rcoh.me Demystifying Two Factor Auth
\|	\|	imrannazar.com Degoogling TOTP Authenticator Codes - Imran Nazar	3.7 parsecs away Travel
\|	\|	I've been slowly removing Google apps from my life, and one of the last ones left is Authenticator. In this post I look at migrating codes out of Authenticator to a command-line OTP tool, and the steps involved.	3.7 parsecs away Travel
\|	\|	zserge.com How do One-Time passwords work?	1.6 parsecs away Travel
\|	\|	Many of us use one-time passwords (OTP) regularly to log into different services. Most probably rely on Google Authenticator and similar tools. But what about building one by ourselves?	1.6 parsecs away Travel
\|	\|	labanskoller.se Laban Sköllermark \| Many Common Mobile Authenticator Apps Accept QR Codes for Modes They Don't Support	2.7 parsecs away Travel
\|	\|	You probably use an "authenticator app" such as Google Authenticator to enable two-step verification (sometimes called two-factor authentication, 2FA, or multi-factor authentication, MFA) for an online account. The method is called Time-Based One-Time Password Algorithm (TOTP) and is standardized in RFC 6238. In October 2017 when I evaluated HashiCorp Vault for generating and storing TOTP secrets for a system at work I realized that the Android version and iOS version of Google Authenticator differed a lot when it comes to which modes are supported.	2.7 parsecs away Travel
\|	\|	palant.info Should your next web-based login form avoid sending passwords in clear text? \| Almost Secure	16.8 parsecs away Travel
\|		Allowing password-based authentication without letting the server know the password is fascinating. Unfortunately, for web applications this doesn't solve any problems.	16.8 parsecs away Travel