[Cialug] 2FA

Jared Brees fromj2sitsme at msn.com
Wed Mar 13 16:11:56 UTC 2019 

Pretty much all 2FA apps support TOTP. The difference is what they add on top. Google Authenticator is pretty bare-bones... nothing but TOTP as far as I can tell. Microsoft's supports TOTP, or a "push" that you just say yes/no. Authy supports backups and sync. Duo supports all kinds of integrations, including push notifications, etc. Also most sites claim to have different QR codes for Google/Microsoft/etc or Android/iOS, but if you actually compare the data in the QR codes, it's effectively all the same. Basically a string of "otpauth://totp/X?secret=Y&issuer=Z", where X is the username/email, Y is the base32 TOTP secret/seed, and Z is the name of the company/site.

________________________________
From: Cialug <cialug-bounces at cialug.org> on behalf of Dave Hala <dave at 58ghz.net>
Sent: Wednesday, March 13, 2019 06:41
To: Central Iowa Linux Users Group
Subject: Re: [Cialug] 2FA

I made some progress on this.  Looks like both the Microsoft authenticator
and Google's authenticator support TOPT, so we might be able to use
either.  That would be a bonus.  I'll dig into it more today.

:) Dave

On Tue, Mar 12, 2019 at 8:18 PM Dave Hala <dave at 58ghz.net> wrote:

> They are a Microsoft shop and they want to use the MS authenticator, so I
> was looking for a solution using that tool.   I could use authy.... but if
> I was going to go that route, I would pick Google's authenticator over
> Authy.
>
> :) Dave
>
> On Tue, Mar 12, 2019 at 6:38 PM Rob Cook <rdjcook at gmail.com> wrote:
>
>> You can specifically not use the MS app and I wouldn't personally as it's
>> limited to just MS. Can you get them to regenerate using 3rd party 2FA
>> options?
>>
>> On Tue, Mar 12, 2019, 4:56 PM Dave Hala <dave at 58ghz.net> wrote:
>>
>> > I have a client that uses O365 and 2FA.  They use they use Microsoft
>> > authenticator to generate the second factor.  We are developing a web
>> > application for them and they have specified this app use 2FA
>> > authentication and the Microsoft authenticator.
>> >
>> > I've been reading up on it, lots information and PHP examples using the
>> > Google authenticator, but very little using the Ms authenticator.
>> >
>> > :) Dave
>> >
>> >
>> >
>> > On Tue, Mar 12, 2019 at 4:46 PM Rob Cook <rdjcook at gmail.com> wrote:
>> >
>> > > Are you asking if we use the MS Auth App or are we doing 2FA on MS Web
>> > > Apps?
>> > >
>> > > I personally have 2FA enabled on my O365 Admin accounts and am using
>> > Authy
>> > > for my 2FA code generating app. Currently I have 8 2FA sites in
>> Authy. If
>> > > you want to use Authy for O365 you have to choose the non-MS app
>> option
>> > so
>> > > that it generates the proper QR code for Authy.
>> > >
>> > > On Tue, Mar 12, 2019 at 4:12 PM Dave Hala <dave at 58ghz.net> wrote:
>> > >
>> > > > Anyone doing 2FA with their web applications using the Microsoft
>> > > > authenticator?
>> > > >
>> > > > :) Dave
>> > > >
>> > > > --
>> > > > NIFCAP  -The Premier Client Intake System for Non-Profit
>> Organizations.
>> > > > https://www.osis.us
>> > > > _______________________________________________
>> > > > Cialug mailing list
>> > > > Cialug at cialug.org
>> > > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>> > > >
>> > >
>> > >
>> > > --
>> > > Rob Cook
>> > > rdjcook at gmail.com
>> > > _______________________________________________
>> > > Cialug mailing list
>> > > Cialug at cialug.org
>> > > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>> > >
>> >
>> >
>> > --
>> > NIFCAP  -The Premier Client Intake System for Non-Profit Organizations.
>> > https://www.osis.us
>> > _______________________________________________
>> > Cialug mailing list
>> > Cialug at cialug.org
>> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>> >
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>>
>
>
> --
> NIFCAP  -The Premier Client Intake System for Non-Profit Organizations.
> https://www.osis.us
>


--
NIFCAP  -The Premier Client Intake System for Non-Profit Organizations.
https://www.osis.us
_______________________________________________
Cialug mailing list
Cialug at cialug.org
https://www.cialug.org/cgi-bin/mailman/listinfo/cialug

More information about the Cialug mailing list