9th September 2025 (14 Topics)
1
Sep
2
Sep
3
Sep
4
Sep
5
Sep
6
Sep
8
Sep
9
Sep
10
Sep
Two-Factor Authentication
Context:
Growing cyber threats and phishing attacks have highlighted the importance of adopting Two-Factor Authentication (2FA) for securing online accounts.
Two-Factor Authentication
- It is a security mechanism requiring two layers of authentication:
- Something you know ? Password
- Something you have ? OTP/Authenticator App/Hardware Token
- Provides stronger security against stolen or guessed passwords.
TOTP Mechanism
- Time-based One-Time Passwords (TOTP) are generated using a shared secret key and the current time counter (30-second interval).
- Both the server and authenticator app compute the same OTP using HMAC-SHA-256 (hash-based message authentication code).
- Codes are valid only for 30 seconds, making interception useless.
Security Features
- Based on cryptographic hash functions and XOR operations.
- Dynamic truncation ensures conversion of long hash into a short 6-digit OTP.
- Provides confidentiality, integrity, and authenticity of authentication.
- Compatible across multiple platforms due to open standard (RFC 6238 for TOTP).
More Articles
Courses
Study
Notes
Home
Resources
More