If the 2FA and TOTP acronyms sound mysterious and intimidating on first approach 😧, do not worry, you will know everything you need to know in a few minutes 🥳.
However, if you already know pretty much everything there is to know, but are just looking for a TOTP setup guide, go straight to the TOTP installation guides.
What are 2FA and MFA?
2FA stands for Two-Factor Authentication. You may sometimes hear about MFA (Multi Factor Authentication). This is all a bit the same, basically adding a layer of protection on what the industry accepts as the most unsecure way of authenticating: using passwords 😱!
There are several 2FA/MFA solutions, but most are either also very unsecure 🤦 (although vendors will not admit it 🤥), or come with deep data privacy concerns (the use of social logins 🤭). This is why the current best 2FA approach is the use of TOTP, even if it is slightly inconvenient...
What is TOTP?
TOTP stands for Time-based One-time Passwords. It is a common form of Two-Factor Authentication. TOTP works like this: a unique numeric password is generated by an algorithm that uses the current time as an input and a crypto certificate only valid between your device and the application requesting the TOTP. As time-based passwords expire and change every 30 seconds, they offer an increased security.
How can I set it up?
If your online service provider supports 2FA/MFA, there is a very good chance that it supports TOTP. You will need to find the Account Security page of your online provider. It is likely to be under a menu Account, Profile, or Security.
What does Authenly 2FA offers that others don't?
Authenly does not store your 2FA keys on any server. These 2FA keys only stay on your device for maximum security. That's a big plus, because you may find that some 2FA solutions store your keys on their server, which means that if/when they get hacked, your 2FA goes away with the hack 🙄!
Authenly allows you to backup your 2FA without having to keep the 12 words that are generally enforced to backup your code. Forget this nonsense, just backup the 2FA-TOTP in an un-hackable offline secret, automatically provided by Authenly. In addition to this backup ability, Authenly also gives you the option to assign your 2FA backup to a person you trust (e.g. an admin in your company) so that if you get lock-out of your account because your 2FA code is not acccessible (phone unavailable or our of battery...), your admin will be able to give you the 6 digit passcode by simply scanning your 2FA backup code.
Finally, because we do not store the 2FA keys on our server, it also means that you can get your code even when your phone is off the internet. Your secure access to your online services is always available and does not even depend on Authenly's services availability!
What is the difference between 2FA and Passwordless?
These TOTP are the most secure 2FA to protect your account, so make use of them. However, they only act as a secure patch on top of an otherwise unsecure authentication method (ID + password). They are indeed only a Second Factor Authentication on top of the very leaky First Factor...
2FAs do not really come close to a full passwordless and contactless experience, as provided by Authenly in the form of fully getting rid of passwords 🤗. With the Authenly Passwordless solution, you have a secure and multi-factor authentication embedded into one single click.