Token-based Two-Factor authentication

Tokens, U2F, and the real world

The use of two-factor authentication for personal use, even for online banking, never really caught on.

  • TOTP was partially supported as it also needed a little helper-tool on the user’s workstation to supply the current time to the token as there was no built-in clock, which is understandable given it would then also need a battery. The token also only had two key slots, which meant that you could not use one token with all the internet services you were using.
  • The static password mode sounded practical at first, until you realized that you’d need to also use a password manager for it to not use the same password with each internet service you use and that the password database would then have to be shared between all of your workstations. While this might be suitable for some, it’s not really a great solution.

Software Engineer with an interest in Cloud Platforms and DevOps

Software Engineer with an interest in Cloud Platforms and DevOps