Too Long; Didn't Read
Implementing 2FA: How Time-Based One-Time Password Actually Works [With Python Examples] The most popular 2FA method today is to use an authenticator app on your cellphone to generate a temporary password that expires within a minute or less. The TOTP algorithm is defined on the IETF RFC 6238, where it says the shared key "should be chosen at random or using a cryptographically strong pseudorandom generator properly seeded with a random value" It consists of issuing a secret key on your server and reading it on your phone, then using this secret key to generate passwords.
Share Your Thoughts