0

Is there a flow process for 2 factor Authentication that explains the process. Google Authenticator is used here.

For example ,

 1. user is configured to use 2 Factor Authentication.
 2. user logins in with username and password.
 3.if successful then a QR screen is displayed for the user to enter code.
 4.on submit the code the user is redirected to teh app and the code is verified.
 5.if successful , user is allowed in.

What i dont get is the use of the "secret" and how it is used , where is it stored ?

So in between steps 2 and 3 I assume there must be something in the background that happens in order to generate the one time code , which I am trying to get a grip of in regards to a c# sample app .

Any ideas if there is a sample app that can help with this.

Tracey
  • 81
  • 6
  • I think it's a simple concept like when you get token form Oauth or something https://learn.microsoft.com/en-us/aspnet/mvc/overview/older-versions/using-oauth-providers-with-mvc >What i dont get is the use of the "secret" and how it is used - The use of the secret is to give to the client for use as another factor to authentication > where is it stored ? It may be store or not store as per provider implement (may be just only a message that the provider can understand ). The real goal is for client to show it to proof that you is really the real client. – user3682728 Oct 21 '22 at 03:54
  • Imagine you to the club the you show guard your member card , the guard said ok you have a club card then if you are the real member you must know what the word in sms that I gonna send you the to your mobile ( number that is in your club card) , then you look at your mobile , show to message to the guard. – user3682728 Oct 21 '22 at 03:59
  • Is there a c# example using Google authenticator ? – Tracey Oct 21 '22 at 04:16
  • 1
    sorry,I don't know which are the best practice. https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/google-logins?view=aspnetcore-6.0 https://github.com/BrandonPotter/GoogleAuthenticator https://stackoverflow.com/questions/6421950/is-there-a-tutorial-on-how-to-implement-google-authenticator-in-net-apps – user3682728 Oct 21 '22 at 04:24

0 Answers0