Introducing 2FA with Google Authenticator and Node.js
ฝัง
- เผยแพร่เมื่อ 17 ต.ค. 2024
- With security breaches becoming more common and users password's becoming brute-forced, two-factor authentication is almost a necessity today. If you're running a website with some kind of account system, consider implementing 2FA. Google Authenticator gets you going in minutes!
This can easily be added to an express.js website and almost any other account system based project.
Pre-requisites:
*Intermediate Javascript experience
*Intermediate Node.js experience
Join us on Discord: theomnidev.com...
My Setup:
My microphone: amzn.to/3bgxoNR
Backup microphone: amzn.to/3qnRf40
Studio laptop: amzn.to/3pctDh3
Desktop Icon Organization Software: bit.ly/3a17Va9
#like #subscribe
I've researched a little into this and it is a good system so its great your making a tutorial for this!
+SPIKE IS BACK I always appreciate some extra, but convenient security c:
very simple, quick and effective. I didn't had to spend 30 mins. Thanks
most concise tutorial I've watched - thanks
Thanks for providing perfect implementation
great video man ..... nice explanation within a very short time
The best tutorial on TH-cam.
my speakeasy and google authenticator codes are different what should I do
Hi thank you very much clear and consie tutorial , but how doesit dynamically verify OTP which is generated by gauth app?
Thanks @Omnidev,
your video help full for me. I have use this example in my project.
It's working proper. so thanks
I’m glad you figured it out 😁
so for different user I need to generate a secret and store under their name in DB?
Super simple to catch, nice work thanks you! +sub
awesome video, to the point.
subscribed
awesome! curious about its mechanism, it bases on secret and current timestamp to generate token?
Probably its taking an defined timestamp (every full minute UTC timr) and the token to generate this
So we need to store secret inside of datbase? How do we store it? Do we hash the secret?
You need the orginal secret to verify this. So just using sha256 would be not good, as you can't get the orginal token back
Best, very good tutorial
Thank youuu mister man!
very good video, thanks!
Helpful video.
Should we make a different secret for each user or what?
Yes you should, otherwise every user will have the same 2 factor code at the same time rendering it useless
Thanks a lot :)
This tutorial is good :)
Thanks man life saver
I’m happy it helped 😄
Thank you!
:D
me funciono, excelente
Is not working
my bro it's ascii not a s c i i 😭
I know it’s an acronym, so I’ve always just said the letters. I know it’s correct to pronounce “ask-ee” too
:D
Türk de Varmış :D
Hi
Hi
Lol
@Omnidev i try this package but token verify false