![]() ![]() but I don't mind uploading what I got at the moment here. It's not a complete App, just the proof of concept part of generating a secret -> bar code for the google authenticatior and then calculate the code. In case you have experience with alternative approaches / services / tools, I am also open for suggestions. If not, could you please recommend me an alternative way to implement 2FA in a lightweight manner in Outsystems? The Authy ID (or user key), which is needed to identify the user, is already stored in a table in my application and is collected as when the username is entered.ĭoes this approach make sense? is it how 2FA should be implemented? the steps between the dotted lines are added to the standard login action. The concept that I am thinking of now is to have the token validation process as a conditional step, that must happen before the user_login action is called. The question that I currently have is what is the best practice to integrate this token validation in a login procedure. (more information about the API can be found on ) I found a cloud-based service called ‘Authy’ which seems to offer an elegant, lightweight two factor authentication solution, based on a software based token (the authy app) or SMS.Ī REST API is available to verify a user token: Authy has been available on more platforms than Microsoft authenticator, and it also has more backup features to save on its servers.I am building a new application in which I want to add an additional layer of security, by adding two factor authentication (2FA). Microsoft Authenticator and Twilio’s Authy are both great two-factor authenticators that offer great security features. Authy supports way more platforms, including iOS, Chrome browser, macOS, Windows, and Android. Microsoft Authenticator supports both mobile platforms and Windows 10.They offer the ability to back up 2FA codes for iOS devices. Authy gives more options for backup, which are then saved to the Authy servers themselves, whereas Microsoft Authenticator also offers backup, but it’s less than Authy.On the other hand, you do require an active and working sim card to create an account in Authy. A new user does not require a sim card when creating an account in Microsoft authenticator.Microsoft Authenticator was released in 2015, whereas Authy was released in the year 2012.The company that released Microsoft Authenticator is Microsoft, and the company that released Authy is Twilio.Main Differences Between Microsoft Authenticator and Authy These backups allow you to recover your tokens if you get a new phone or lose your current one. All of these backups are encrypted before they are uploaded, so not even someone from Authy will have access to the accounts and their details. This also means that Authy won’t be able to recover the account if you forgot the password.Īuthy also offers a feature to back up all of your tokens online, but this is disabled by default. It has an option for its users to enter a private password or pin code which Authy will use to encrypt their login data for the accounts in the cloud. It also allows schools and workplaces to register users’ devices for better usage.Ī great advantage of Authy is its encrypted cloud backup. You can turn it on if you want to through the settings. Microsoft Authenticator offers a feature of account recovery. You will then be asked to scan the QR code within the app. You are required to have a QR code from the site or app to Microsoft Authenticator if you are not using a Microsoft site or product. ![]() Microsoft Authenticator is compatible with Microsoft products as well as any websites or apps which use two-factor authentication with a single-use passcode which is also time-based. Microsoft Authenticator is a two-factor authentication technology in the form of an app that adds security to your online accounts. It supports iOS, Android, Windows, Chrome browsers along with macOS. Platforms It supports both mobile platforms and Windows 10. You can take more backups that are then saved to Authy servers. ![]() Backups It offers the ability to back up 2FA codes for iOS devices. Parameters of Comparison Microsoft Authenticator Authy Company Microsoft Twilio Released 2015 2012 Creating an Account It doesn’t require a sim card. ![]()
0 Comments
Leave a Reply. |