2. ABOUT ME
● Waihon Yew
● Rapid River Software
● Connect with me:
○ GitHub: waihon
○ Twitter: waihon
○ LinkedIn: waihonyew
3. WHAT IS TWO-FACTOR AUTHENTICATION?
● Two-factor authentication (2FA) is a way to add additional security to your account.
● The first "factor" is your usual password that is standard for any account.
● A common second "factor" is a verification code retrieved from an app on a mobile device or computer.
● 2FA is conceptually similar to a security token device that certain banks in some countries require for online banking.
● Other names for 2FA systems include OTP (one-time password) and TOTP (Time-based One-time Password algorithm).
4. REQUIREMENTS/CONSTRAINTS
● Business
○ Compatible with Google Authenticator, which is available for free on both Google Play and App Store
● Technical
○ A gem/library that:
■ Makes adding 2FA to a user model simple
■ Is not tightly coupled with any authentication gems such as Devise
5. 2FA GEM: ACTIVEMODEL::OTP
● GitHub
○ https://github.com/heapsource/active_model_otp
● Key dependency
○ ROTP 4.0 or higher
■ A Ruby library for generating and validating one-time passwords according to RFC 4226 (HOTP) and RFC 6238 (TOTP).
● Installation
○ gem 'active_model_otp'
6. SETTING UP YOUR MODEL
● Add otp_secret_key to your user model
○ rails g migration AddOtpSecretKeyToUsers otp_secret_key:string
○ rails db:migrate
● Add has_one_time_password directive to your user model.
○ It provides a few useful methods in order to implement your 2FA
7. OTP SECRET KEY
● The otp_secret_key is saved automatically when an object is created.
● If you're adding this to an existing user model, you could:
○ Generate otp_secret_key with a migration like:
■ User.find_each { |user| user.update_attribute(:otp_secret_key, ROTP::Base32.random_base32) }
○ Generate otp_secret_key when users enable 2FA
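What the stored otp_secret_key is used for, as an added example in stdlib-only Ruby (not from the original slides, and not ROTP's or ActiveModel::Otp's own code): the Base32 secret is decoded and fed to HOTP (RFC 4226) over a 30-second time counter (RFC 6238), and verification accepts one step of clock drift. All helper names here are hypothetical, and SAMPLE_SECRET is the published RFC test key, used as constructed sample input.

```ruby
require 'openssl'
require 'securerandom'

B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'.freeze
# Constructed sample input: Base32 of the RFC 4226/6238 test key "12345678901234567890".
SAMPLE_SECRET = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ'.freeze

# Generate a 160-bit secret as unpadded Base32, the form kept in otp_secret_key.
def random_base32_secret(bytes = 20)
  bits = SecureRandom.random_bytes(bytes).unpack1('B*')
  bits.scan(/.{5}/).map { |chunk| B32[chunk.to_i(2)] }.join
end

# Decode unpadded or padded Base32 into raw key bytes; reject foreign characters.
def base32_decode(str)
  bits = str.upcase.delete('=').each_char.map do |c|
    idx = B32.index(c) or raise ArgumentError, "invalid Base32 character: #{c.inspect}"
    idx.to_s(2).rjust(5, '0')
  end.join
  [bits[0, bits.length / 8 * 8]].pack('B*')
end

# RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation.
def hotp(secret_b32, counter, digits = 6)
  mac = OpenSSL::HMAC.digest('SHA1', base32_decode(secret_b32), [counter].pack('Q>'))
  offset = mac.bytes.last & 0x0f
  code = mac.byteslice(offset, 4).unpack1('N') & 0x7fffffff
  (code % 10**digits).to_s.rjust(digits, '0')
end

# RFC 6238 TOTP: the counter is the number of 30-second steps since the Unix epoch.
def totp(secret_b32, at = Time.now, step = 30)
  hotp(secret_b32, at.to_i / step)
end

# Byte-wise comparison with no early exit on the first mismatching byte.
def secure_eq?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Accept the code for the current step or `drift` steps either side (clock skew).
def totp_valid?(secret_b32, code, at: Time.now, step: 30, drift: 1)
  counter = at.to_i / step
  (-drift..drift).any? { |d| secure_eq?(hotp(secret_b32, counter + d), code.to_s) }
end
```

Because every valid code is derived from otp_secret_key alone, anyone who can read that column can generate the second factor, so it deserves the same handling as other stored credentials (restricted access, exclusion from logs and serialized API output).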