Two (2) Factor Authentication (2FA) Java Code
2 Factor Authentication (2FA) Java code which used the Time-based One-time Password (TOTP) algorithm.
You can use this code with the Google Authenticator mobile app or the Authy mobile or browser app.
To get this to work you:
- Use
generateBase32Secret()
to generate a secret key in base-32 format for the user. For example: "NY4A5CPJZ46LXZCP"
- Store the secret key in the database associated with the user account.
- Display the QR image URL returned by
qrImageUrl(...)
to the user. Here's a sample which uses GoogleAPIs:
- User uses the image to load the secret key into his authenticator application.
Whenever the user logs in:
- The user enters the number from the authenticator application into the login form on the web server.
- The web server reads the secret associated with the user account from the database.
- The server compares the user input with the output from
generateCurrentNumberString(...)
. - If they are equal then the user is allowed to log in.
For more details, see the example program.
Maven Configuration
<dependencies>
<dependency>
<groupId>com.j256.two-factor-auth</groupId>
<artifactId>two-factor-auth</artifactId>
<version>1.3</version>
</dependency>
</dependencies>
ChangeLog Release Notes
See the ChangeLog.txt file.