Two-factor authentication is a way of increasing the security of an application by requiring the user to provide more than a simple password (one-factor authentication). Two-factor authentication utilizes two of the following factors to identify the user:

1. Knowledge - something you know - for example, your password

2. Possession - something you have - for example, your cell phone or access to your email account

3. Inherent - something you are - for example, fingerprints or eye iris

The third factor is out of scope for this particular article. We're going to look at adding the second form (possession) to a PowerBuilder application. Specifically, we're going to use Google Authenticator, an application for mobile devices (and the desktop) that generates time-based one-time passwords (TOTP) for use with 2FA.

The sample code for this article is available on CodeXchange.



High level overview

When an application is developed to work with Google Authenticator (or similar services such as Authy), it generates a QR code for the user which the user then scans using the 2FA application. The QR code contains:

  • The name of the application (for display in the 2FA app)
  • The user id for the user (for display in the 2FA app)
  • A secret key (unique to the user and used to generate the TOTP).

The figure below shows the QR code being generated by the sample code for this article using the application name, user id and secret code entered into the form. Your application would not show the secret key to the user; it's only shown in the sample app so you can try different values.