With the increase in internet usage, security is one of the most important aspects of any web or native application. Various mechanisms have been adopted over the past decade to enhance the security of systems, such as encryption, smart ID readers, and fingerprint verification; the most popular is the one-time password sent to the user's mobile phone.
Google, being one of the top information companies, provides various measures for ensuring security. Google generally uses two kinds of authorization: one is primary and the other is optional, and you can opt in to the second if you need further security for your Google account. Google calls this 2-step authorization.
To pass the first step of Google's authorization, a user needs to know something, such as her username and password.
For the second step, the user needs to have something, such as her Android or iOS phone with Google Authenticator installed, a mobile phone, or backup codes provided by Google earlier.
Only if all the information passed is correct can the user access her destination.
In this tutorial, we will talk about one particular method that Google uses for the second step of its authorization: Google Authenticator.
Google Authenticator is a simple Android and iOS application that generates a unique six-digit code to complete your Google authorization.
Unlike the one-time passwords that many companies send to their users' mobile phones to ensure security, the six-digit code generated by Google Authenticator changes every minute.
Yes, the code generated by Google Authenticator changes every minute.
Now let’s see how this whole process works.
After opting for 2-step authorization, if you choose to use Google Authenticator, you need to scan a QR code with the Google Authenticator app on your mobile.
As soon as the authenticator successfully reads it, it starts to generate 6-digit numbers. On entering that code, Google Authenticator will be activated as the default second step of authorization.
Now let's go a little deeper. As soon as you choose Google Authenticator for 2-step authorization, Google generates a completely random string of characters and pairs it with the user's email address.
Using the combination of these two, Google generates a QR code that you have to scan with the authenticator.
After scanning, the authenticator extracts that random string and the user's email address.
The random string, known as the secret, is combined with the absolute time and acts as a source of randomness for creating 6-digit numbers. Every minute, as the time changes, it creates a new 6-digit number.
The email address, meanwhile, is used to distinguish between the various accounts in the authenticator.
When the user enters the generated 6-digit code, Google generates the 6-digit number at its end using the same secret string and the absolute time. If the code the user entered and the one Google generated match, Google lets the user access her destination; otherwise, it returns an error.
That is how Google Authenticator authorization works.
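The scan, generate and verify steps described above, as an added Python example that is not Google's code or part of the original tutorial. It assumes the `otpauth://` key URI format for the QR contents and the RFC 6238 algorithm (HMAC-SHA1) with its default 30-second window, exposed as the `step` parameter; the sample URI, account name and function names are constructed for illustration.

```python
import base64, hashlib, hmac, struct
from urllib.parse import urlparse, parse_qs, unquote

# Constructed sample of the text a QR code could carry (otpauth key URI).
# The secret is the RFC 6238 test key in Base32; the account is made up.
SAMPLE_QR = ("otpauth://totp/alice%40example.com"
             "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")

def parse_qr(uri):
    """What the app does after scanning: return (account, secret bytes)."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not a TOTP provisioning URI")
    account = unquote(u.path.lstrip("/"))
    b32 = parse_qs(u.query)["secret"][0].upper()
    b32 += "=" * (-len(b32) % 8)          # Base32 padding is usually omitted
    return account, base64.b32decode(b32)

def totp(secret, now, step=30, digits=6):
    """Code for the time window containing `now` (seconds since the epoch)."""
    counter = struct.pack(">Q", int(now) // step)   # secret + absolute time
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F               # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret, submitted, now, step=30, drift=1):
    """Server side: recompute the code and compare in constant time.

    Accepts the neighbouring `drift` windows to tolerate clock skew, and
    checks every window so timing does not reveal which one matched.
    """
    ok = False
    for w in range(-drift, drift + 1):
        expected = totp(secret, now + w * step, step)
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok

if __name__ == "__main__":
    import time
    account, secret = parse_qr(SAMPLE_QR)
    code = totp(secret, time.time())
    print(account, code, verify(secret, code, time.time()))
```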
We hope you now understand the concept of time-based authorization and how Google uses it.
If you have any questions, comment below.