科技回声

I am planning to build a web app. I want to implement 2FA for validating and verifying users. What are some good 2FA service providers?

Yourself --- and at basically zero cost.It's fairly easy to validate TOTP codes on the server side. It's just a SHA hashing function. See RFC 6238. I wrote my own but I'm sure source code is out there somewhere.Free/open source client side apps are readily available for iOS and Android.The only problem left is how to share the random/secret key/seed that your web site will generate for each user. This can be done relatively error free using email or on-screen using QR Code at the time the user enables 2FA.Don't know how to generate a QR code? No problem --- lots of generators are available for free on the web. Just embed a proper link to generate one.

In my previous company, we had a lot of good things to say about OKTA. They have the authentication service [0] of course and then Adaptive MFA . Good luck![0] <a href="https://www.okta.com/au/products/authentication/" rel="nofollow">https://www.okta.com/au/products/authentication/</a>

I am planning to build a web app. I want to implement 2FA for validating and verifying users. What are some good 2FA service providers?

Ask HN: What Are Some Good 2FA Service Provider?

2 条评论

Ask HN: What Are Some Good 2FA Service Provider?

2 条评论