In simple
Shared secret key + Time = token (which we see in the authenticator app)
- Shared secret key will be created in server and shared to client i.e (authenticator apps).
- Authenticator app will create a token from time and shared secret key.
- Also shared secret will be stored in database.
- While checking server will create a token from time and shared secret key (server will get it from DB) and it will check the result with the token which server received as a part of request.
Top comments (0)