Two Factor Authentication with Authenticator Apps

Starting today we have decided to introduce another layer of authentication for MYETV accounts.

In fact, accounts can already be protected with various technologies, specifically designed for MYETV:

Today we introduce two-factor accessAccess [the simple access to a website as a visitor] via “Authenticators App” i.e. those free applications that allow the creation of OTP (One Time Password) that change every 10 seconds. The applications that can be used are:

  • Google Authenticator
  • Microsoft Authenticator
  • Free OTP
  • Others Applications (TOTP compliant)

This implementation will ask, after normal login-[Login]: [an act of logging in to a computer, database, website or system] via email and password, the current OTP issued by the authenticator app; to activate it you need to select the checkbox on the “edit profile” page and then configure it via the two-factor authentication app (scan the QR code via the app). Once activated, an “encrypted code” will be saved in your account-[Account]: [an Account contains the personal information that is assigned to those who register and access with email and password] which will be used to communicate with the authenticator app each time you log in; you can change the stored QR code or the authentication app used at any time by rescanning; It is also advisable to memorize the “secret code” that you see in order to restore access (obtain the same QR code to scan again) in case the data in the authentication app were to be deleted, be careful, the “secret code” is changed every time you refresh the page and then you need to save it in a safe place immediately after scanning the qr-code.

How does two-factor authentication works?

Authenticator apps work based on the TOTP verification model. When you set up MFA on your account and choose TOTP, the account server will create a QR code that the authenticator app will scan. The QR code contains a secret algorithm that uses the current time as a factor in generating TOTP codes.

The authenticator app and the account server will be the only parties that possess the secret algorithm. They will independently use the secret to generate the exact same codes at the exact same time.

When the user logs in, they will enter the code displayed in the authenticator app. The server will check if the entered code matches the code that it generated. If the codes match, the user is granted access. If not, user access is denied.

There are many options for authenticator apps. Popular standalone phone apps include Google Authenticator and Microsoft Mobile Phone Authenticator.

Authenticator apps can also be integrated into a password manager like Keeper Password Manager. A password manager securely stores all your credentials, including passwords, passkeys and TOTP codes. This option is the most convenient because password managers sync across all devices and some can autofill your TOTP code along with your credentials. It also means you don’t have to wrangle with multiple devices just to log in.

Please note: this feature is in beta-testing from today till the next 3 months

Print Friendly, PDF & Email