2FA and Authenticator Apps Explained
Two Factor Authentication (2FA)
Two-factor authentication (2FA) is a security mechanism designed to add an extra layer of protection to digital accounts and systems beyond just a username and password. It requires users to provide two different authentication factors to verify their identity. At Sunwave, we require the following two factors to access a user account:
Knowledge factors: Something the user knows - your password.
Possession factors: Something the user has, such as a smartphone authenticator app, or a physical token.
By requiring two factors from different categories, 2FA significantly increases the security of an account, as even if one factor is compromised (e.g., a stolen password), the attacker would still need the second factor to gain access.
Authenticator Apps
One common method of implementing 2FA is through the use of authenticator apps on smartphones. At Sunwave, we recommend using the Google Authenticator App, but other authenticator apps may also be used. Here's how authenticator apps work:
Setup: After enabling 2FA on the software system, the user links their account to an authenticator app on their smartphone. This is often done by scanning a QR code provided by the system.
Generating codes: Once set up, the authenticator app generates temporary, one-time codes based on a shared secret key and the current time. These codes are typically valid for only a short period, often 30 seconds, adding another layer of security.
Authentication process: When the user tries to log in to the software system, in addition to entering their username and password, they are prompted to provide the current code generated by the authenticator app.
Verification: The system derives the expected code from the same shared secret key and the current time and compares it with the code the user entered. If the codes match, the user is granted access.
Continuous authentication: Sunwave requires 2FA for each login attempt.
Using an authenticator app for 2FA adds an extra layer of security by requiring not only something the user knows (their password) but also something they have (their smartphone). This significantly reduces the risk of unauthorized access, even if passwords are compromised through data breaches or phishing attacks.
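The setup, code generation and verification steps above are the standard HOTP (RFC 4226) and TOTP (RFC 6238) algorithms. The following Python is an added example, not Sunwave's or Google Authenticator's code: it decodes the base32 secret a setup QR code carries, generates the 6-digit, 30-second codes the app shows, and implements the server-side check with a small clock-skew window and replay protection (a code for a time step that has already been accepted is refused). The secret and timestamps are constructed for the demo; the 20-byte ASCII key is the RFC test-vector key.

```python
# Added example (not Sunwave's code): minimal RFC 4226 HOTP / RFC 6238 TOTP
# showing the setup -> code generation -> verification flow described above.
# The shared secret and timestamps are constructed demo values.
import base64
import hashlib
import hmac
import struct
import time
from typing import Optional

STEP_SECONDS = 30   # validity window of each code (the "30 seconds" above)
DIGITS = 6          # code length shown by the authenticator app


def secret_from_base32(encoded: str) -> bytes:
    """Decode the base32 secret embedded in the setup QR code (otpauth:// URI)."""
    cleaned = encoded.strip().replace(" ", "").upper()
    return base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """HMAC-based one-time password (RFC 4226) for a 64-bit counter."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                                   # dynamic truncation
    binary = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at_time: Optional[float] = None,
         step: int = STEP_SECONDS, digits: int = DIGITS) -> str:
    """Time-based OTP (RFC 6238): HOTP with counter = floor(unix_time / step)."""
    if at_time is None:
        at_time = time.time()
    return hotp(secret, int(at_time) // step, digits)


class TotpVerifier:
    """Server side: derives the expected code from the same secret and time,
    tolerates +/- `window` time steps of clock skew, and refuses a code for a
    time step that has already been used, so an intercepted code cannot be
    replayed within its 30-second validity."""

    def __init__(self, secret: bytes, window: int = 1,
                 step: int = STEP_SECONDS, digits: int = DIGITS):
        self.secret = secret
        self.window = window
        self.step = step
        self.digits = digits
        self.last_accepted_counter = -1   # highest time step already consumed

    def verify(self, submitted: str, at_time: Optional[float] = None) -> bool:
        if at_time is None:
            at_time = time.time()
        submitted = submitted.strip().replace(" ", "")
        if not submitted.isdigit() or len(submitted) != self.digits:
            return False
        current = int(at_time) // self.step
        for delta in range(-self.window, self.window + 1):
            counter = current + delta
            if counter <= self.last_accepted_counter:
                continue                                  # already consumed
            expected = hotp(self.secret, counter, self.digits)
            if hmac.compare_digest(expected, submitted):  # constant-time compare
                self.last_accepted_counter = counter
                return True
        return False


if __name__ == "__main__":
    # Constructed demo: RFC test-vector key, base32-encoded as a QR code would carry it.
    demo_secret = secret_from_base32("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
    verifier = TotpVerifier(demo_secret)
    code = totp(demo_secret)
    print("current code:", code, "accepted:", verifier.verify(code))
    print("same code replayed, accepted:", verifier.verify(code))
```

The skew window is the usual compromise between phone and server clocks drifting a few seconds apart and the code staying valid for too long; one step in each direction is typical. The `last_accepted_counter` check is the piece most home-grown verifiers forget: without it, a code phished in the last 30 seconds is still accepted on a second login.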
Hard Token Authentication
A hard token, such as the YubiKey 5C NFC, is a physical device used for authentication that adds an extra layer of security to digital accounts and systems beyond passwords. These tokens come in various forms, including USB dongles, key fobs, and smart cards, and typically generate one-time passwords (OTPs) or other dynamic codes.
Physical Device: YubiKey 5C NFC is a compact hardware authentication tool with USB-C and NFC capabilities.
Secure Authentication: Users register the device with their accounts and input its generated code along with their regular credentials.
Enhanced Security: Requires physical possession of the token, reducing the risk of unauthorized access even if passwords are compromised.
The YubiKey 5C NFC offers versatile and robust security features, making it an effective solution for safeguarding digital accounts and systems against various threats.