Python Tutorial - Integrating 2FA/MFA using PyOTP

You must have come across buzzwords such as “MFA” and “2FA” at some point, but what do they really mean? Why are they so popular these days? And why are they becoming such a focal point in the security layer? In this tutorial, you'll see how to integrate 2FA/MFA using PyOTP.

What is 2FA/MFA?

2FA/MFA stands for 2-Factor/Multi-Factor Authentication. Conventional authentication systems require only your username and password. We call this type of auth system “SFA” (Single-Factor Authentication). In MFA, multiple factors are combined to prove that it’s actually you who’s trying to access the system. Currently there are three types of factor:

  • Something that you know (your password, maybe a couple of security questions).
  • Something that you own/something that you have (your mobile phone).
  • Something that you are (thumbprint, face recognition, etc.).

2FA is just a subset of MFA. It involves 2 factors while authenticating a user:

  • Username/password.
  • One time password sent to your device.

Standards for generating an OTP

A One-Time Password (OTP) is generated using a shared secret key and another factor such as a counter or the time. The two main standards for generating an OTP are HOTP and TOTP.

Event-based OTP (also called HOTP) is the original One-Time Password algorithm and relies on two pieces of information: a shared secret and a counter. The first step generates an HMAC hash from the shared secret and the counter. The next step truncates the resulting HMAC hash to the desired length (6 digits preferably) to obtain an OTP. The counter is then incremented on the server side to obtain a new OTP.
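The HOTP steps described above, written out with only the Python standard library (an added example, not code from the original tutorial, and it does not use PyOTP). HMAC-SHA-1 and the truncation rule follow RFC 4226; the `HotpVerifier` class, its look-ahead window of 3, and the demo secret are assumptions made for illustration.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Compute an HOTP value as specified in RFC 4226."""
    # Step 1: HMAC-SHA-1 over the 8-byte big-endian counter, keyed with the secret.
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    # Step 2: dynamic truncation. The low nibble of the last byte selects a
    # 4-byte window; the top bit is masked off so the value is non-negative.
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    # Step 3: reduce to the desired number of decimal digits, zero-padded.
    return str(code % 10 ** digits).zfill(digits)


class HotpVerifier:
    """Hypothetical server-side state for one user: secret plus next counter."""

    def __init__(self, secret: bytes, counter: int = 0, look_ahead: int = 3):
        self.secret = secret
        self.counter = counter
        self.look_ahead = look_ahead  # assumed window size, tune per deployment

    def verify(self, submitted: str) -> bool:
        # The client may have generated codes that never reached the server, so
        # accept a match a few counters ahead and resynchronise on success.
        for candidate in range(self.counter, self.counter + self.look_ahead + 1):
            expected = hotp(self.secret, candidate).encode()
            if hmac.compare_digest(expected, submitted.encode()):
                # Move past the matched counter so the code cannot be replayed.
                self.counter = candidate + 1
                return True
        return False


if __name__ == "__main__":
    # Constructed demo using the RFC 4226 Appendix D test secret.
    secret = b"12345678901234567890"
    server = HotpVerifier(secret)
    print(hotp(secret, 0))                  # code for counter 0
    print(server.verify(hotp(secret, 2)))   # client skipped ahead: accepted
    print(server.verify(hotp(secret, 2)))   # same code replayed: rejected
```

The look-ahead window is the usual answer to client and server counters drifting apart, and keeping it small limits how many codes are acceptable at any moment.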

HOTP is great, but incrementing the counter can become a headache. Also, HOTP passcodes can be valid for a pretty long time, putting our system at risk. To solve these problems, we are going to discuss the second standard, known as TOTP.
