When they attempt to access their information, a push notification is sent to the user’s phone. Phishing security. Other types of two factor authentication are susceptible to phishing attacks, but push-based 2FA combats that vulnerability by replacing access codes with push notifications.
HOTP tokens expire once they are used while TOTP tokens expire if not used within thirty seconds. Both authentication methods generate temporary passwords from a physical device carried by the user. Two other possession factors of authentication are HMAC-based One-Time Password (HOTP) and Time-based One-time Password (TOTP). These tokens generate a rotating passcode that users must physically carry on their person.ĭuo Mobile combines the knowledge factor and possession factor of authentication to create the world’s most trusted 2FA platform. Tokens are a commonly used possession factor of authentication. Possession factors verify the identity of a user by requiring proof of information that only the user should possess. A user’s password should be private only to them, allowing them to use it as a method to confirm their identity. The most common example of a knowledge factor of authentication is a password. The knowledge factor verifies identity by requesting information only an individual user would know.
