Tuesday, August 13, 2013

TOTP for ASP.Net Web Forms

Ok, so following my previous post (Two-Factor Authentication - What's the right way) I decided to go on and create a Proof of Concept on how to implement RFC 422 (the way a lot of web services implement 2 Factor Authentication, including Google, Microsoft, DropBox, LastPass etc) using ASP.Net with the Membership Provider.

Although I managed to find a lot of sample code to implement the RFC in .Net code, I failed to find anything that implements this using ASP.Net Membership Provider (MP). In just a few words, MP is a solution built in to .Net Framework that allows for user and credential management in .Net applications (more here). Please note that the same concept can be applied in different frameworks.