Will this support MS Authenticator and Authy

BrandonPotter / GoogleAuthenticator

Simple, easy to use server-side two-factor authentication library for .NET that works with Google Authenticator and Authy.

Apache License 2.0

373 stars 126 forks source link

Will this support MS Authenticator and Authy #228

Closed vijayaram-b closed 2 months ago

vijayaram-b commented 3 months ago

Hi,

We are trying to use this in one of our projects, where MFA is mandated, we wanted to check the feasibility of using this library.

Will the library supports only Google Authenticator or generally any authenticator app(we are interested in Microsoft and Authy)

Please check and advise

ahwm commented 3 months ago

I have successfully generated working codes on Microsoft Authenticator, Authy, Google Authenticator, 2FAS, LastPass Authenticator and a previous version of Authenticator Plus (now seems to be defunct).

Note: Some of these (notably Microsoft Authenticator and Authy) will only work with the default algorithm (HMACSHA1) and will not work with HMACSHA256 or HMACSHA512, even though the RFC standard supports those.

You can test any authenticator app yourself by running any one of the example applications in the repository.

vijayaram-b commented 3 months ago

Thank you @ahwm, will check with that

vijayaram-b commented 3 months ago

Hi @ahwm I have been trying this in WinTest app, after changing this to default algorithm (HMACSHA1), will it have any security implication going forward if I am not using other algorithms?

flytzen commented 3 months ago

No, HMACSHA1 is the default used by most authenticator apps.