Two-Factor Authentication (2FA)
Why it matters
Passwords are no longer enough to keep your accounts safe. If someone steals or guesses your password, they can log into your account without your knowledge. To reduce this risk, many services use Two-Factor Authentication (2FA).
What you should know
Two-Factor Authentication (2FA)
2FA adds a second verification factor to passwords, enhancing security.
First factor: something you know (password).
Second factor: something you have (authenticator app, SMS, or hardware token).
Reduces risk of unauthorized access if password is stolen.
Works offline via authenticator apps (Google Authenticator, Authy, Microsoft Authenticator).
Authenticator apps use TOTP, which is built on hash functions.
One-Time Password (OTP) and TOTP
OTP: short numeric code valid for one use and a limited time (e.g., 30 seconds).
TOTP: Time-based One-Time Password; codes generated using a shared secret key and current time.
Cryptographic Security
Uses hash functions (e.g., SHA-256) and HMAC (Hash-based Message Authentication Code).
Hash function: takes an input of any length (like a password, text, or number) and produces a fixed-length output, called a hash or digest.
HMAC: Combines a secret key and message with a hash function to ensure authenticity and integrity.
XOR (“exclusive OR”): A logical operation used in HMAC to securely mix the secret key with data.
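
The pieces above put together, as an added example that is not part of the original page: HMAC written out by hand to show the XOR step, a TOTP generator on top of it, and a server-side check that tolerates clock drift. The function names, the `window` parameter and `DEMO_SECRET` (a published RFC 6238 test key, not a real secret) are choices made for this example.

```python
import hashlib
import hmac
import struct
import time

# Constructed sample input: the published RFC 6238 test key for SHA-256, not a real secret.
DEMO_SECRET = b"12345678901234567890123456789012"


def hmac_digest(key: bytes, message: bytes, algo: str = "sha256") -> bytes:
    """HMAC written out by hand: H((K xor opad) || H((K xor ipad) || message))."""
    block_size = hashlib.new(algo).block_size
    if len(key) > block_size:                  # over-long keys are hashed first
        key = hashlib.new(algo, key).digest()
    key = key.ljust(block_size, b"\x00")       # then zero-padded to one hash block
    inner_key = bytes(b ^ 0x36 for b in key)   # XOR with the inner pad
    outer_key = bytes(b ^ 0x5C for b in key)   # XOR with the outer pad
    inner = hashlib.new(algo, inner_key + message).digest()
    return hashlib.new(algo, outer_key + inner).digest()


def totp(secret: bytes, now=None, step: int = 30, digits: int = 6,
         algo: str = "sha256") -> str:
    """Code for the time step containing `now` (seconds since the Unix epoch)."""
    counter = int(time.time() if now is None else now) // step
    mac = hmac_digest(secret, struct.pack(">Q", counter), algo)
    offset = mac[-1] & 0x0F                    # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, submitted: str, now=None, window: int = 1, **params) -> bool:
    """Accept the current step and `window` steps either side to absorb clock drift."""
    now = time.time() if now is None else now
    step = params.get("step", 30)
    ok = False
    for drift in range(-window, window + 1):
        t = now + drift * step
        if t < 0:                              # no time step exists before the epoch
            continue
        expected = totp(secret, now=t, **params)
        # Constant-time comparison with no early exit, so timing does not reveal a match.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok


if __name__ == "__main__":
    code = totp(DEMO_SECRET)
    print(code, verify(DEMO_SECRET, code))
```

To enforce the "valid for one use" property, a server would also record the last time step it accepted for each account and reject any code from that step or earlier.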