M/s VIKASH TECH - We Write Imaginations to Codes..!!

How to use Google Two Factor Authentication in your project?

We treat security as a priority, and implementing different ways to secure a website should be a priority for every developer.

Today we are going to discuss how to implement two factor authentication using Google’s Authenticator.

What is Two Factor Authentication?

2FA is nothing new. In fact, it has already been widely adopted by most major platforms (Facebook, Apple, Google, etc.) as a means of making account logins more secure.

Two Factor Authentication, also known as 2FA, two step verification or TFA, is an extra layer of security, a form of “multi factor authentication”, that requires not only a username and password but also something that only that user has: a piece of information only they should know or have immediately to hand, such as a physical token.

So how does the user get the code?

  • Historically this required the user to carry a widget or card reader device (in the case of bank accounts) on their person, to generate a unique code.
  • Recently a popular method has been sending the user an SMS with a one time use code.

However there are other options…

How Google Authenticator works

Google Authenticator is a free app for your smart phone that generates a new code every 30 seconds. It works like this:

  1. When enabling 2FA, the application you’re securing generates a QR code that users scan with their phone camera to add the profile to their Google Authenticator app.
  2. Your user’s smart phone then generates a new code every 30 seconds to use for the second part of authentication to the application.

Implementing Google Authenticator on your website using PHP

The easiest way to do this is to use an open source Composer package to do the tricky stuff for you: sonata-project/google-authenticator (on Packagist, packagist.org), a library to integrate Google Authenticator into a PHP project.

You’ll use the library to:

  • Generate the QR code for your users to scan when they enable 2FA.
  • Verify that the code entered is valid at login.

Generating the QR Code

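// $username is the account name of the user who is enabling 2FA.
$g = new \Google\Authenticator\GoogleAuthenticator();
$salt = '7WAO342QFANY6IKBF7L7SWEUU79WL3VMT920VB5NQMW';
// The secret is built from the username and a site-wide salt, so the salt must stay private.
$secret = $username.$salt;
// getURL() returns the URL of the QR code image that the user scans.
echo '<img src="'.$g->getURL($username, 'example.com', $secret).'" />';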

Tips:

Verifying entered codes

You need to use the same secret you used to generate the barcode in order to validate the user’s input.

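$g = new \Google\Authenticator\GoogleAuthenticator();
$salt = '7WAO342QFANY6IKBF7L7SWEUU79WL3VMT920VB5NQMW';
// Rebuild the same secret that was used for the QR code.
$secret = $username.$salt;
// The code the user typed in from their authenticator app (empty if the field is missing).
$check_this_code = $_POST['code'] ?? '';
if ($g->checkCode($secret, $check_this_code)) {
    echo 'Success!';
} else {
    echo 'Invalid login';
}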
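
What a check like the one above involves, as an added example (not code from the original post or from the sonata library): a minimal RFC 6238 time-based code computation, with a verification step that tolerates one step of clock drift and refuses replayed codes. The function names and the base32 sample secret are assumptions made for the illustration.

```php
<?php
// Added example: RFC 6238 TOTP with HMAC-SHA1, 6 digits, 30-second step.
// Function names and the sample secret are constructed for illustration.
function base32Decode(string $b32): string {
    $clean = strtoupper(rtrim($b32, '='));
    if (!preg_match('/\A[A-Z2-7]+\z/', $clean)) {
        throw new InvalidArgumentException('Secret is not valid base32');
    }
    $bits = '';
    foreach (str_split($clean) as $ch) {
        $pos = strpos('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $ch);
        $bits .= str_pad(decbin($pos), 5, '0', STR_PAD_LEFT);
    }
    $bytes = '';
    foreach (str_split($bits, 8) as $chunk) {
        if (strlen($chunk) === 8) { // ignore trailing padding bits
            $bytes .= chr(bindec($chunk));
        }
    }
    return $bytes;
}

function totp(string $b32Secret, int $time): string {
    $counter = pack('J', intdiv($time, 30)); // 8-byte big-endian time step
    $hash = hash_hmac('sha1', $counter, base32Decode($b32Secret), true);
    $offset = ord($hash[19]) & 0x0F; // dynamic truncation (RFC 4226)
    $value = unpack('N', substr($hash, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($value % 1000000), 6, '0', STR_PAD_LEFT);
}

// Returns the matched time step, or null. Steps at or before $lastUsedStep are
// refused, so a code that was already accepted cannot be replayed.
function verifyTotp(string $b32Secret, string $input, int $now, int $lastUsedStep = -1): ?int {
    if (!preg_match('/\A\d{6}\z/', $input)) {
        return null;
    }
    $matched = null;
    $current = intdiv($now, 30);
    for ($s = $current - 1; $s <= $current + 1; $s++) { // one step of clock drift
        // hash_equals() compares the two strings in constant time.
        if ($s > $lastUsedStep && hash_equals(totp($b32Secret, $s * 30), $input)) {
            $matched = $s;
        }
    }
    return $matched;
}

$secret = 'JBSWY3DPEHPK3PXP'; // constructed sample secret
$now = time();
$code = totp($secret, $now);
$step = verifyTotp($secret, $code, $now);                   // first use of the code
var_dump($step !== null);
var_dump(verifyTotp($secret, $code, $now, $step) !== null); // same code replayed
```

In a real login flow the returned step would be stored per user and passed back as `$lastUsedStep` on the next attempt.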

While Google Authenticator might not be the most desirable 2FA method for your customers, there’s no reason you can’t implement it for staff or administrators when it’s this easy.
