Transferring Time-based One-time Passwords to a New Smartphone

Abstract Smartphone authenticator apps such as Google Authenticator and Authy implement software tokens that are “two-step verification services using the Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password algorithm (HOTP)” Smartphone TOTP, a form of Two-factor authentication (2FA), displays a 6-digit code derived from a shared secret, updating every thirty seconds. The shared secret is presented only once to the user, typically with a QR (Quick Response) Code which is scanned by the authenticator app....

January 21, 2019 · 5 min · Brian Cunnie