How does 2-step-authentication work when using Authenticator App?

Discussion in 'Community Discussion' started by HarryPot, Jan 16, 2016.

  1. HarryPot macrumors 6502a

    Joined:
    Sep 5, 2009
    #1
    Hi,

    Today I've been setting up 2-step-authentication in my important accounts.

    The last I configured was Amazon, which requires not only your mobile phone, but a second method to authenticate. I chose the "use an authenticator app" option.

    So, I downloaded the app from Google, and by scanning the picture given by Amazon the app gave me a code to enter. After this all was set up correctly.

    My doubt is, I didn't even have to sign in to the Authenticator App from Google. How can Amazon verify that the code given by the app is from me, if I didn't have to make any kind of link between the app and Amazon?

    Thanks:)
     
  2. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #2
    Those authenticator apps work similarly to an RSA SecurID token if you've ever used one. Basically, the app generates a number based off the current time and a unique ID tied to your account. Amazon's server is doing the same, generating a code based off the time and the same unique ID. Since your phone and Amazon's servers should both be synced to an Internet time server, have the same unique ID, and are using the same algorithm, your phone app and Amazon's servers will generate the same code. When you log in, you type the code that shows in the app, Amazon generates the code on their end, and if they match, it lets you in.

    What you scanned was a QR code containing that unique ID, so now everything's in sync. The code you entered was just a test to make sure it worked. I don't use 2FA on Amazon, but I'm assuming they have an option to deactivate the authenticator app if you lose your phone, this basically just changes that unique ID on your account so the code generated by the app and the server no longer match.
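
The scheme described in post #2, as an added example that is not part of the original thread. It assumes the site uses standard TOTP (RFC 6238: HMAC-SHA1, 30-second step, 6 digits), which is what Google Authenticator implements; the enrollment URI is constructed and the function names are illustrative.

```python
import base64, hashlib, hmac, struct
from urllib.parse import urlparse, parse_qs

# Constructed enrollment URI of the kind a setup QR code encodes (not a real account).
# The secret is the RFC 6238 test key "12345678901234567890", base32-encoded.
ENROLL_URI = ("otpauth://totp/Example:harry@example.com"
              "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")

def secret_from_uri(uri):
    """Extract the shared secret bytes from an otpauth:// URI."""
    query = parse_qs(urlparse(uri).query)
    return base64.b32decode(query["secret"][0].upper())

def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238 TOTP: HOTP (RFC 4226) over the number of elapsed time steps."""
    counter = struct.pack(">Q", int(unix_time) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def server_verify(secret, submitted, unix_time, window=1, step=30):
    """Server side: recompute codes for nearby steps to tolerate clock drift."""
    for drift in range(-window, window + 1):
        expected = totp(secret, unix_time + drift * step, step)
        if hmac.compare_digest(expected, submitted):
            return True
    return False

if __name__ == "__main__":
    phone_secret = secret_from_uri(ENROLL_URI)    # stored by the app after the scan
    server_secret = secret_from_uri(ENROLL_URI)   # stored by the site at enrollment
    now = 1234567890                              # fixed time for reproducible output
    code = totp(phone_secret, now)
    print("app shows:", code)
    print("server accepts:", server_verify(server_secret, code, now))
    # Resetting 2FA replaces the server's secret, so old app codes stop matching.
    print("after reset:", server_verify(b"new-secret-after-reset", code, now))
```

No sign-in to the app is needed because the scanned secret is the only link: anyone holding it can produce valid codes, so the QR code and any backup of it should be protected like a password.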
     
  3. hallux macrumors 68020

    hallux

    Joined:
    Apr 25, 2012
    #3
    I haven't set it up on my Amazon account either but I believe this is the way it works.

    Also, if you were to lose your phone, when you activate the Authenticator app on a new device it will automatically deactivate the codes from the old device. I would think the Amazon setup would be similar.
     
  4. Huntn macrumors G5

    Huntn

    Joined:
    May 5, 2008
    Location:
    The Misty Mountains
    #4
    How does the MacRumors 2 step verification work?

    Honestly I have it set up with my Google email accounts, and it's kind of a pain, although I acknowledge that it does amount to extra security. As I switch between computers it frequently makes me put in a code, although I've already said "trust the computers" I use on a regular basis...
     
  5. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #5
    Same thing as Amazon. It's all open source.
     
  6. HarryPot thread starter macrumors 6502a

    Joined:
    Sep 5, 2009
    #6
    Thanks for the explanation!

    I agree that Two Step Verification seems like a pain sometimes. I'm just intending to use it in accounts where I have my credit card stored or my email accounts.
     
