How does Google Authenticator work?
How does 𝐆𝐨𝐨𝐠𝐥𝐞 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐨𝐫 work? We use this authenticator a lot for logging into our accounts and transferring money online. But how does it guarantee security? Google Authenticator is a software-based authenticator that implements two-step verification service. The diagram below provides detail. There are two stages involved: 🔹 Stage 1 - The user enables Google two-step verification. 🔹 Stage 2 - The user uses the authenticator for logging in, etc. Let’s look at these stages. 𝐒𝐭𝐚𝐠𝐞 1 Steps 1 and 2: Bob opens the web page to enable two-step verification. The frontend requests a secret key. The authentication service generates the secret key for Bob and stores it in the database. Step 3: The authentication service returns a URI to the frontend. The URI is composed of key issuer, username and secret key. The URI is displayed in the form of a QR code on the web page. Step 4: Bob then uses Google A...