In this blog, we have previous discussed two factor authentication (2FA). In addition to a username/password, with 2FA you have another factor that is often a code that is emailed or texted to you. Because email and text can be hacked, a new method of second factor authentication has emerged in the last few years: Authenticator App.
The most popular authenticator apps are Google Authenticator and Microsoft Authenticator, but there are literally 100s more out there. An authenticator app is downloaded onto your iPhone or Android smartphone and is paired up with a specific website (that supports 2FA) or other application for which you want 2FA. You typically register the website with the authenticator by scanning a QR code. When scanning the QR code, the website generates a secret key (typically 80 bits) specific to your account and during the scan that secret key is transmitted to the authenticator app. The secret key is then used to securely identify the website to the authenticator app when 2FA is used.
When using the authenticator app to login to the website (for example your online bank account), after you enter a username and password you will be prompted to enter a 6-digit or more number as the second factor. You obtain that number by opening your authenticator app and copying it from there. The 6-digit code changes every 30 seconds, so it is difficult for a hacker to intercept and use it.
If you want to learn more about how Accolade Technology can help your business, please contact us at [email protected].