
I. Google Authenticator How it works

1. We need a SECRET KEY (ORIGINAL KEY), provided by DB Gurus, by the client, or by a combination of
the client and DB Gurus. We will use the original key to generate the PRESHARED SECRET KEY that is
given to the user (employees). (see Image 1.1 Algorithm) The user adds the PreShared Key to his or her
Google App by entering it manually or by scanning the QR/Barcode. The Google App generates a 6-digit key
every 30 seconds. (see Image 1.2 Google App Face). We did testing using iPhone and Android yet.

Image 1.1 Google Authenticator Algorithm

Image 1.2 Google App face


II. Google Authenticator How to implement in DB Gurus

Option 1. Owner Account provides the Barcode and PreShared Key to other users (employees).

How: The Owner account can generate the Barcode and PreShared Key at the stage where other
users are created (Admin > Users > Add user); Detail.aspx page. This could be a button that pops up a
dialog box showing the Barcode and PreShared Key.

Note (suggestion): the user should not have a saved PreShared Key.

Option 2. User gets the PreShared Key and Barcode

How: After the user has been created by the Owner Account (or DB Gurus), on the first-ever
login of the newly created user, a popup will show to inform the user about his or her Barcode and
PreShared Key.

Note: This is not secure because the user can save the Barcode or PreShared Key.

III. Google Authenticator Needed Keys

1. Original Secret Key
   a. Used to generate the PreShared Secret Key
   b. This can be provided by:
      i. DB Gurus, or
      ii. Client, or
      iii. a combination of DB Gurus and client, or
      iv. System generated, with a different PreShared Secret Key for each user (Recommended)

2. PreShared Secret Key
   a. To be used by the user for his or her Google App
   b. Barcode or Codes. (see Image 1.3 Barcode and Code)

3. PIN
   a. Generated by Google App, 6 digits.
   b. To be used every time the user logs in. This is the 2nd factor.

Image 1.3 Barcode and Code


IV. Impact on Database

Option 1. One Original Secret Key for all users (Not Secured)

1. This is not III.1.b.iv
2. We can use System Option to store the Original Secret Key (encrypt on save, decrypt on use).

Option 2. Different Original Secret Key per user (Secured)

1. We need a new table column for the PreShared Secret Key, perhaps in the User table. C# reads this
every time the user logs in.
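
The per-user key and the login check described above, as an added example in Python (not DB Gurus code, and not the C# the page refers to): it generates a PreShared Secret Key per user as in III.1.b.iv, builds the otpauth:// URI that the QR/Barcode encodes, and verifies the 6-digit PIN for the 30-second step. The account and issuer names, the one-step clock-drift window and the replay check through last_step are assumptions that are not on the page.

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote

STEP = 30    # seconds each PIN is valid for (from the page)
DIGITS = 6   # PIN length (from the page)

def new_preshared_key() -> str:
    """System-generated per-user secret: 160 random bits, Base32 for manual entry."""
    return base64.b32encode(secrets.token_bytes(20)).decode("ascii")

def provisioning_uri(key_b32: str, account: str, issuer: str) -> str:
    """otpauth:// URI to render as the QR/Barcode (account/issuer are hypothetical)."""
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={key_b32}"
            f"&issuer={quote(issuer)}&digits={DIGITS}&period={STEP}")

def totp(key_b32: str, unix_time: float) -> str:
    """RFC 6238 code (HMAC-SHA1) for the 30-second step containing unix_time."""
    key = base64.b32decode(key_b32, casefold=True)
    counter = struct.pack(">Q", int(unix_time) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def verify_pin(key_b32, pin, unix_time=None, drift_steps=1, last_step=-1):
    """Return the time step the PIN matched, or None if it is rejected.

    drift_steps tolerates phone clock skew; last_step is the step stored at the
    user's previous successful login, so a PIN cannot be replayed (assumptions).
    """
    now = time.time() if unix_time is None else unix_time
    current = int(now) // STEP
    for step in range(max(0, current - drift_steps), current + drift_steps + 1):
        if step <= last_step:
            continue  # already used, or older than the last accepted PIN
        expected = totp(key_b32, step * STEP).encode()
        if hmac.compare_digest(expected, str(pin).encode()):  # constant-time compare
            return step
    return None

if __name__ == "__main__":
    key = new_preshared_key()  # would be stored encrypted in the per-user column
    print(provisioning_uri(key, "employee1", "DBGurus"))
    pin = totp(key, time.time())  # what the phone app would display right now
    print(pin, verify_pin(key, pin))
```

On a successful login, save the returned step next to the user's key and pass it as last_step on the next attempt.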
