I understand the basic idea of two factor authentication. I understand that two credentials are used to more securely authenticate users. I am asking about a specific method of two factor authentication that I encounter frequently.
When I turn on two factor authentication for my Google account I am able to access frequently changing pseudo-random numbers on my iPhone. These random numbers constitute the second authentication factor (the other being my password) and I am able to enter these numbers to authenticate myself.
What I really don't understand is that these numbers will still work to authenticate my identity when my iPhone is offline. So obviously whatever is going on is more interesting than Google verifying that I have some number they gave me.
I am very interested in what exactly is going on. Is the pseudo-random number a keyed hash of system time? That's my best guess but I am very curious.
Thanks to everyone!
Aucun commentaire:
Enregistrer un commentaire