What is Two-Factor Authentication?
Two-factor authentication (2FA / MFA) is a security mechanism that provides an extra level of protection for online accounts. 2-factor authentication involves using an additional factor, such as a smartphone or a hardware OTP token, to confirm the user’s identity.
Through the requirement of this additional factor, unauthorized individuals are prevented from accessing the account, even if the password has been breached. This provides enhanced security and mitigates the danger of unsanctioned account access.
How Two-Factor Authentication Works?
Once the user tries to sign in to their account, they are prompted to provide their password, as usual. However, instead of immediately gaining access, they must also provide an additional authentication method. This second way to verify identity is a one-time passcode generated with the help of a 2FA app or hardware OTP token. The OTP passcode can also be delivered via a chatbot in a messaging app, SMS, or email.
- The user submits the password.
- The user provides the one-time code from the hardware OTP token or phone.
- The one-time code is sent through the API to Protectimus.
- Protectimus verifies the one-time code in real time, and your application instantly receives a positive or a negative response.
- If both passwords are correct, the user is granted access to their account.