2FA Push Notification
2FA with push notifications offers a balance between security and user convenience, making it a popular choice for many online services and applications.
It typical includes 2 steps: provisioning and authentication
Step 1: Provisioning (device registration):
This step ensures that the user's device is securely linked to their account, enabling the push-based 2FA process in the future.
Step2: Authentication
This step allows the user to review the details of the push notification and either approve or deny the login attempt. Upon approval, the user is granted access to the system; if denied, the system flags the attempt as unauthorized and takes additional security measures, such as locking the account or notifying the user.
It is important to consider short timeout, typically less than 30s to prevent fraudulent activity or potential unauthorized access.
Research Assistant at Saskatchewan Polytechnic
1 个月Great explanation ??
Pursue ethical hacking from an IT professional
1 个月I would love to see MFA too. Thanks for your sharing.