two-factor_authentication
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
two-factor_authentication [2019/08/21 06:45] – neil | two-factor_authentication [2019/08/21 06:55] – neil | ||
---|---|---|---|
Line 5: | Line 5: | ||
* [[two-factor_authentication# | * [[two-factor_authentication# | ||
* [[two-factor_authentication# | * [[two-factor_authentication# | ||
+ | * [[two-factor_authentication# | ||
====" | ====" | ||
Line 48: | Line 49: | ||
These one-time codes are usually generated by a piece of software on your computer or phone, or else through a dedicated hardware device. | These one-time codes are usually generated by a piece of software on your computer or phone, or else through a dedicated hardware device. | ||
- | ===Time-based One-Time Passwords (TOTP)=== | + | ===Time-based One-Time Passwords (TOTP) |
+ | Â | ||
+ | Lots of sites support one-time codes, which changes after a few seconds. This is known as " | ||
+ | Â | ||
+ | Once set up, you need to log in using your username and password, and then put in the current code before it expires. This means that you always need to have the mechanism to generate the code to hand, when you want to log in. | ||
+ | Â | ||
+ | These work by generating a special code, which you store on a device, and which the service stores. So, to use TOTP, you need a means of storing this special code. (You may not even see the special code; you may just need to scan a QR code, which automates the storage, so that you see only the effect of it, which is the generation of six-digit one-time passwords, which change routinely). | ||
+ | Â | ||
+ | You might be able to use [[passwords# | ||
+ | Â | ||
+ | Alternatively, | ||
+ | Â | ||
+ | You might also use a hardware device. | ||
===Avoid text message for delivery of codes === | ===Avoid text message for delivery of codes === | ||
Line 57: | Line 70: | ||
Second, if someone manages to hijack your phone number (sometimes known as "SIM swapping" | Second, if someone manages to hijack your phone number (sometimes known as "SIM swapping" | ||
+ | |||
+ | Third, if you are out of signal, you cannot get your code — no good for places with Internet connectivity, | ||
two-factor_authentication.txt · Last modified: 2022/09/08 09:09 by neil