1Password's update highlights the difference between two-step and two-factor verification<article>
<section class="page">
<p>
An
update to 1Password brings time-based one-time passwords (TOTP for short) to its iOS app. A one-time password is typically used as a second element in two-factor authentication (2FA), a subject I’ve written about many times in this column. But, as
noted in a sensible and honest post by AgileBits, 1Password’s developer, a second factor isn’t always a second factor.</p><p>
A TOTP requires a seed code that, when transformed through an algorithm that includes the precise current time, produces a number that’s converted into a short code, typically six digits long. In order to use a TOTP at a site that offers it, you walk through its enrollment process, which involves scanning a two-dimensional QR Code and generating one-time backup or recovery keys. The QR Code graphically represents the seed that both you and the site retain. (Some sites offer the seed as a code you can tap in as well.)</p><p class="jumpTag"><a href="/article/2877616/1passwords-update-highlights-the-difference-between-two-step-and-two-factor-verification.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
1Password's update highlights the difference between two-step and two-factor verification