Stack Overflow
Stack Overflow

Questions tagged [two-factor-authentication]

Is an approach to authentication which requires the presentation of two or more authentication factors.

Two-factor authentication (TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor ("something the user knows"), a possession factor ("something the user has"), and an inherence factor ("something the user is").

See also and the Security.StackExchange multi-factor tag.

417 questions
12
votes
4 answers

using git send-mail with google 2-factor authentication

I'd like to use git send-mail to submit patches upstream, but my gmail account is using two factor authentication. Google provides app specific passwords for things like this, but my question is where is a secure place to store this password for use…
Dan Albert
  • 8,619
  • 1
  • 30
  • 72
11
votes
1 answer

What HTTP status to use in 2 factor authentication

My website workflow is that the user submits their username and password, then if 2 factor authentication is enabled, my website will request the user to enter 2 factor token via modal dialogue. My question is what HTTP status code should I use to…
theminer3746
  • 757
  • 11
  • 27
11
votes
5 answers

Sourcetree add bitbucket with two factor auth

I've enabled two factor authentication for my bitbucket account. Now Atlassian Sourcetree app on Osx doesn't works, it is unable to login on bitbucket. How i can configure SourceTree to use bitbucket two factor auth?
Premier
  • 3,952
  • 6
  • 39
  • 56
10
votes
1 answer

ASP.NET Identity Two Factor not working - Cookie Issue?

Background: I have been using the Identity-Sample project provided by the Microsoft team here: I have integrated the Identity-Sample project & prerelease nuget packages into an existing project, that was previously using the latest stable version of…
ASX
  • 625
  • 7
  • 17
9
votes
3 answers

Should 2FA secret codes be hashed for storage?

I'm working on implementing 2FA with Google Authenticator on our website. If I understand correctly every user will have their own secret code, which I will need on login to verify the 6 digit code they enter. Storing these secret codes in the same…
blackbird
  • 989
  • 1
  • 14
  • 39
9
votes
2 answers

Register with Phone number instead of email using mvc identity

I have a requirement in my web application, that I need to register a user with their phone number instead of email and password. The system should take the input of the user's phone number and send an OTP SMS to that phone number. If the OTP…
Tarak
  • 171
  • 1
  • 14
8
votes
0 answers

Yesod.Auth - how to require second-factor authentication?

I'm currently building a personal website in Yesod 1.4.5, and at the moment I'm implementing authentication. Authenticating with a username and password was easy enough - I used Yesod.Auth.HashDB - but as I'm quite security-conscious I'd like to…
00dani
  • 1,448
  • 15
  • 17
8
votes
2 answers

Need cookie to remember two-factor authentication success (not persistent login)

I've read a lot here and other places about using a cookie for a "remember me" option, but what I'm looking for is a way to design a cookie to record success of a two-factor authentication. This is what, for example, Google does: If the second step…
Marc Rochkind
  • 3,530
  • 2
  • 28
  • 35
7
votes
1 answer

How to create google two factor authentication using php?

I want to use Google 2FA in my PHP project. The user needs to enter the 6 digit 2fa code while logging in. May you draw some tips on which direction to take?
Murali Tharan
  • 177
  • 1
  • 1
  • 8
7
votes
2 answers

Two Factor Authentication using Google Authenticator in own asp.net project?

Hello I have created own asp.net project (Not MVC). Now I want to implement Two Factor Authentication using Google Authenticator. So when ever user get register user will get key or get QR image and setup with it's android phone. And for login they…
Pankaj Mishra
  • 19,129
  • 14
  • 63
  • 102
7
votes
2 answers

Decoding Google 2 Factor Authentication QR Code Format

According to wiki, google 2 factor authentication secret key is supposed to be a 16 character base32 string. When I decode the QR Code that google sent me, I find that it complies with the Key format specified by google, but I find that the secret…
PressingOnAlways
  • 10,144
  • 4
  • 27
  • 48
7
votes
1 answer

Shiro, Multi Factor Authentication

Is there a way to implement multi factor authentication in Shiro? Can somebody give me a hint on how to implement this? For more details: The basic idea is, that a user needs to login just as usual, using username and password, but before being…
RedSonja
  • 360
  • 1
  • 13
7
votes
2 answers

Google Account sign-in error (two-factor authentication)

I'm using Google two-factor authentication on a Galaxy 10.1 tab and receiving notification of a "Sign-in error" for my Google account. gmail and other Google apps seemed to be working, but I went to the security settings for my account on a…
gcbound
  • 740
  • 8
  • 19
6
votes
1 answer

How can I write an application which utilizes Intel IPT hardware?

What is involved in writing some kind of abstraction layer for Intel IPT hardware? For those unfamiliar with Intel IPT, it is an embedded co-processor used to generate unique 6 character one-time passwords every 30 seconds starting from a secret…
Jon
  • 1,279
  • 1
  • 11
  • 30
6
votes
0 answers

django-otp implementation using custom Views

I have been trying to implement the django-otp with qrcode using custom Forms and Views. The problem is I am a little caught up on whether my implementation is correct or not. As the documentation states that a request.user.is_verified() attribute…
Fahim Ahmed
  • 317
  • 3
  • 14
1
2
3
27 28