Transferring Time-based One-time Passwords to a New Smartphone
Abstract Smartphone authenticator apps such as Google Authenticator and Authy implement software tokens that are “two-step verification services using the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password algorithm (HOTP)” Smartphone TOTP, a form of Two-factor authentication (2FA), displays a 6-digit code derived from a shared secret, updating every thirty seconds. The shared secret is presented only once to the user, typically with a QR (Quick Response) Code which is scanned by the authenticator app. ...