2 Factor Authentication (2FA) Java code which used the Time-based One-time Password Algorithm (TOTP) algorithm. You can use this code with the Google Authenticator mobile app or the Authy mobile or browser app. See the wikipedia page about TOTP.
To get this to work you:
- Use
generateBase32Secret()to generate a secret key for a user. - Store the secret key in the database associated with the user account.
- Display the QR image URL returned by
qrImageUrl(...)to the user. - User uses the image to load the secret key into his authenticator application.
Whenever the user logs in:
- The user enters the number from the authenticator application into the login form.
- Read the secret associated with the user account from the database.
- The server compares the user input with the output from
generateCurrentNumber(...). - If they are equal then the user is allowed to log in.
For more details, see the example program.