Explore >> Select a destination
|
You are here 
|
www.mjt.me.uk | ||
| | | | |
rcoh.me
|
|
| | | | | I always wondered how Google Authenticator style 2-factor codes worked. The process of going from QR code to rotating 6-digit pin seemed a bit magical. A few days ago, my curiosity found itself coupled with some free time. Here's what I found: What's in the QR Code I scanned the QR code from Github with a barcode scanning app. Here's what's inside: otpauth://totp/Github:rcoh?secret=onswg4tforrw6zdf&issuer=Github Not too surprising. It tells us the protocol, TOTP, who is issuing this OTP code (Github), and most importantly the secret:1 | |
| | | | |
prezu.ca
|
|
| | | | | Part 3 is the last part in this short cycle. Here I'll explain all the details around Time-based One-Time Password algorithm. I'll finish up by also elaborating on things common to both, HMAC-Based One-Time Password algorithm: QR Codes used to easily transfer secrets from the server to the Authenticator app Base32 algorithm - used to store non-printable secret in a URI (effectively stored by the QR Codes mentioned above). TOTP One way to avoid the problems with lack of feedback between server and the app... | |
| | | | |
imrannazar.com
|
|
| | | | | I've been slowly removing Google apps from my life, and one of the last ones left is Authenticator. In this post I look at migrating codes out of Authenticator to a command-line OTP tool, and the steps involved. | |
| | | | |
ets.wyo.gov
|
|
| | | 2023 Cybersecurity Awareness Campaign | ||
