I was logging in on a microsoft account of my work. I use google authenticator. My phone was not having a wifi connection. Eventhough I entered the code and it let me log in. Later I noticed wifi on my phone was not working.
I thought the authenticator app needed to check via some sort of network if the code was right. It clearly doesn’t. But now I am curious how all of this works.
In: Technology
They rely on the current time.
The authenticator and Microsoft both know your account’s 2FA secret (because that’s in the QR code when you set up the authenticator for the 1st time).
Then, both your authenticator and Microsoft take that secret and the current date&time, and put them through a hash (a bunch of complicated calculations). And then they both end up with the same 6-digit code so Microsoft can check whether the code you entered is valid.
Latest Answers