Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
nickname012016-11-20 15:39:48
Malware
nickname01, 2016-11-20 15:39:48

Are there other ways of two-factor authentication?

Many sites and web services offer the use of two-factor authentication (sms) to better secure user accounts.
On the one hand, this is good. But on the other hand, a person "burns" his phone number.
Even if you are not a criminal, it still becomes uncomfortable that someone can very easily figure you out by your phone number.
Are there other ways to two-factor authentication on sites and services other than using sms?
It seems that there are special applications for this. Or do they also involve a phone number?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

7 answer(s)
Report
X
xmoonlight, 2016-11-21
@xmoonlight

The task of two-factor authorization is to protect authorization data from interception. There is a division into 2 independent data transmission channels to prevent possible interception on a single channel.
You can do this:
1. After registration, an HTML page with a JS code (formula) containing a PIN generation formula (based on timestamp, userid, etc.) arrives in the mail. This HTML file can be saved anywhere on any device, preferably without internet access.
At the request of the user, it is possible to bind to subnets or country when issuing a PIN code.
2. Run HTML-ku and get a PIN-code on the screen.
3. Enter it in the field: "PIN".

Report
A
Andrew, 2016-11-20
@OLS

RFC 4226
RFC 6238
both are implemented in the form of phone software, both do not require "shine" the number the
next stage of paranoia - they are the same, but in hardware implementation:
https://yandex.ru/images/search?text=etoken%20otp

Report
D
Dimonchik, 2016-11-20
@dimonchik2013

https://www.authy.com/
https://play.google.com/store/apps/details?id=com....
number both there and there

Report
A
Anton Ulanov, 2016-11-20
@antonsr98

OTP :) and the phone does not burn

Report
B
bnytiki, 2016-11-20
@bnytiki

You can have keys.
But it's inconvenient.
There are special devices with one-time passwords.
But they cost money.
Etc.
You can invent anything.
It's just not very convenient.

Report
D
dhat, 2016-11-20
@dhat

Send code to email.

Report
S
Serdonda, 2016-11-21
@Serdonda

There is such an interesting option - authentication using images
(but I think this is more of a concept)
https://github.com/semaster/2FAuth-Steganography

Similar questions
M
murrometz2016-02-26 11:04:55
What are the consequences and terms of restoring a site after a virus hits it? 3Reply
Z
Zero9320842021-10-25 20:56:59
Is it possible now to catch a virus simply by plugging someone else's USB flash drive into a usb port? 4Reply
L
looooser2018-08-15 17:36:33
Used laptop is behaving strangely. The reason is malware? 5Reply
N
nowm2014-01-13 01:28:31
Webmoney and alternative data streams (ADS) in the NTFS file system 1Reply
V
V Λ DIMB Λ Y Λ Z Ø V2016-04-04 21:16:21
How to overcome the "casino volcano" virus on the site? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question