Eli5: How does the an authenticator app (like Google authenticator) and a site I’m accessing communicate if my authenticator app is in an offline phone?

443 viewsOtherTechnology

To expound, I access a website that has a 2FA that asks me a temporary authentication code generated by Google authenticator. My Google authenticator is in my Android phone, which is usually offline. Even so, the temporary code that it generates still works when I input it in the website.

How does that work? How does my Google authenticator in a phone that isn’t connected to the net communicate with the website?

In: Technology

7 Answers

Anonymous 0 Comments

They are not communicating back and forth. In short, the app and site are using the same algorithm to calculate the same code at any given time.

When the authenticator is first set up, the authenticator and site “agree” on the same algorithm to use for all subsequent requests.

Like if I called you on the phone, at random, and we couldn’t talk until I told you today’s date, which is information you also know.

You are viewing 1 out of 7 answers, click here to view all answers.