Difference between revisions of "Authenticator App"

From Studentnet Wiki
Jump to navigation Jump to search
(Created page with "==Learn More about Authenticator Apps== Mobile authenticator apps offer a more secure way to log into your sites and web services with multi-factor authentication. MFA means y...")
 
 
Line 2: Line 2:
 
Mobile authenticator apps offer a more secure way to log into your sites and web services with multi-factor authentication. MFA means you add another factor in addition to that password.
 
Mobile authenticator apps offer a more secure way to log into your sites and web services with multi-factor authentication. MFA means you add another factor in addition to that password.
  
==How Does Authenticator App Works?==
+
==How Does Authenticator Apps Works?==
 
Authenticator apps generate time-based, one-time passcodes (TOTP or OTP), which are usually six digits that refresh every 30 seconds. Once you set up MFA, every time you want to log in to a site, you enter the code into the secured app or site's login page, and voilà, you’re in. The time limit means that if a malefactor manages to get your one-time passcode, it won’t work for them after that 30 seconds.
 
Authenticator apps generate time-based, one-time passcodes (TOTP or OTP), which are usually six digits that refresh every 30 seconds. Once you set up MFA, every time you want to log in to a site, you enter the code into the secured app or site's login page, and voilà, you’re in. The time limit means that if a malefactor manages to get your one-time passcode, it won’t work for them after that 30 seconds.
  

Latest revision as of 02:09, 20 March 2023

Learn More about Authenticator Apps

Mobile authenticator apps offer a more secure way to log into your sites and web services with multi-factor authentication. MFA means you add another factor in addition to that password.

How Does Authenticator Apps Works?

Authenticator apps generate time-based, one-time passcodes (TOTP or OTP), which are usually six digits that refresh every 30 seconds. Once you set up MFA, every time you want to log in to a site, you enter the code into the secured app or site's login page, and voilà, you’re in. The time limit means that if a malefactor manages to get your one-time passcode, it won’t work for them after that 30 seconds.

The codes are generated by doing some math on a long code transmitted by that QR scan and the current time, using a standard HMAC-Based One-Time Password (HOTP) algorithm, sanctioned by the Internet Engineering Task Force (IETF). These apps don’t have any access to your accounts, and after the initial code transfer, they don’t communicate with the site; they simply and dumbly generate codes. You don’t even need phone service for them to work.

Since the protocol used by these products is usually based on the same standard, you can mix and match brands, for example, using Microsoft Authenticator to get into your Google Account or vice versa.

Followed is a list of authenticator apps, you can also use other authenticator apps found on the App Store or Play Store

Google Authenticator

Google authenticator app.png

App Store

https://apps.apple.com/au/app/google-authenticator/id388497605

Google Play Store

https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2

LastPass Authenticator

Lastpass app.png

App Store

https://apps.apple.com/us/app/lastpass-authenticator/id1079110004

Google Play Store

https://play.google.com/store/apps/details?id=com.lastpass.authenticator

Microsoft Authenticator

MS app.png

App Store

https://apps.apple.com/au/app/microsoft-authenticator/id983156458

Google Play Store

https://play.google.com/store/apps/details?id=com.azure.authenticator

Twilio Authy

Twilio.png

App Store

https://apps.apple.com/us/app/twilio-authy/id494168017?platform=iphone

Google Play Store

https://play.google.com/store/apps/details?id=com.authy.authy