Authentication: TOTP

Let's make one thing perfectly clear... TOTP ≠ OTP OTP = One-Time Password TOTP = Time-based One-Time Password As discussed in the Two-Step Verification post, OTP sends the one-time password to the user's mobile phone via SMS or to the user's email address. TOTP, on the other hand, uses a local app on the mobile… Continue reading Authentication: TOTP

Authentication: Two-Step Verification

So far, I've realized the following I have way too many identities Password complexity rules are implemented incorrectly Multi-factor authentication will provide additional authentication security So let's look at one of the most basic forms of MFA. Unfortunately, I've seen this take on many names: Two-Step Verification Two-Step Authentication One-Time Password After providing your username… Continue reading Authentication: Two-Step Verification