Time-Based One-Time Passwords (TOTP)
Time-Based One-Time Passwords (TOTP) are temporary, one-time passwords generated using a shared secret and current time. Used in multi-factor authentication (MFA), TOTP enhances security by expiring within a short time window, reducing risks like credential theft and replay attacks. In Keycloak, TOTP can be configured as an additional authentication step, integrating with apps like Google Authenticator. It supports policy customization, including hash algorithms, token length, and expiration time. While TOTP increases security, it requires a device for code generation and may be vulnerable to phishing or SIM swap attacks if not properly managed.
Recommended content for you
What is adaptive multi-factor authentication (adaptive MFA)?
Adaptive Multi-Factor Authentication (MFA) is a scalable policy that improves organizational security by assessing potential risks during every login transaction and prompting users for additional…
Practical guide to Apache Kafka
Event-driven communication systems (Message Brokers) enable loose coupling between services and components within an organization or project while ensuring asynchronous communication, scalability, high throughput, reliability,…
What is Federated Identity Management (FIM)?
What is FIM and how does it work? One of federated identity management real life example is when you work at Company A, and you…
Need expert support for customer and workforce identity management?
Contact us today to learn how we cover everything – from architecture design to deployment and 24/7 maintenance