Authentication: TOTP


Let's make one thing perfectly clear... TOTP ≠ OTP OTP = One-Time Password TOTP = Time-based One-Time Password As discussed in the Two-Step Verification post, OTP sends the one-time password to the user's mobile phone via SMS or to the user's email address. TOTP, on the other hand, uses a local app on the mobile... Continue Reading →

Advertisements

Authentication: Two-Step Verification


So far, I've realized the following I have way too many identities Password complexity rules are implemented incorrectly Multi-factor authentication will provide additional authentication security So let's look at one of the most basic forms of MFA. Unfortunately, I've seen this take on many names: Two-Step Verification Two-Step Authentication One-Time Password After providing your username... Continue Reading →

Authentication: Passwords


<Sarcasm> Passwords.  I love them. I love them so much, I have over 150 of them. </Sarcasm> We have our identity and we provide it to a system.  In order to prove we are who we say we are, we need to authenticate. Passwords are one method for authentication.  In theory, passwords are easy, but in... Continue Reading →

Authentication: Your Identity


Most of us ignore authentication because it is seamless with us using our Active Directory username to log onto a domain-joined Windows 10 PC. But when we expand beyond Windows, there are so many other things to consider. I avoided learning about authentication for a long time.  So many technologies. So many acronyms.  So many... Continue Reading →

Create a free website or blog at WordPress.com.

Up ↑