TOTP security tokens and 2-Step Verification

Time-based One-time Password Algorithm (TOTP) is an algorithm that computes a  one-time password  from a  shared secret key  and the current time. The most popular implementation of this solution is Google Authenticator.

This application that implements  TOTP   security tokens . Usually is branded as “ Two-step verification {.mw-redirect}” (or 2-Step Verification). Authenticator provides a six- to eight-digit  one-time password  which users must provide in addition to their username and password to log into various services or other sites.

You can use it on iPhone or Android  and obviously you are note forced to use it all. There are plenty of other solutions like OATH Toolkit  – just install it via brew brew install oauth-toolkit and then generate token using command line oathtool --totp -b yourkeyhere. Or if you are fan of go – you can use this library go-google-authenticator .

There is a plenty of other solutions – even for smartwatches like Pebble time . Obviously except big players using 2-step verification you also impelement your own quite easly using libraries like  GoogleAuthenticator  or  https://github.com/PHPGangsta/GoogleAuthenticator