Conor Gilsenan, Noura Alomar, and Serge Egelman, University of California, Berkeley
Two-factor authentication (2FA) has consistently proven to dramatically increase the security of online accounts, but the privacy implications of enabling different methods of 2FA are not well studied. The Time-based One-Time Password (TOTP) algorithm is one method of 2FA that is widely deployed throughout industry. RFC 6238 defines how the client and server use a shared secret to generate and validate a deterministic one-time password (OTP) during authentication. However, there is no standard for how to back up the shared secret on the client, resulting in custom implementations across dozens of consumer TOTP apps that directly affect the security and privacy of the TOTP 2FA scheme. In this paper, we define an assessment methodology for conducting systematic security and privacy analyses of the backup and recovery functionality of TOTP apps. Using this workflow, we analyzed the Authy Android app and observed that it sends the plaintext usernames of third-party accounts to Authy servers, uses an inadequate work factor when deriving keys with PBKDF2, and encrypts the Base32-encoded form of TOTP secrets rather than the raw bytes, which lets anyone holding a backup recognize a correct password guess and so leaves the secrets vulnerable to offline attacks.
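The last two findings in the abstract both concern how the shared secret is handled at rest. The Python below is an illustration added here; it is not code from the paper and not Authy's implementation. It implements RFC 6238 TOTP (checked against the RFC's own SHA-1 test vector), then models a backup that encrypts the Base32-encoded secret under a PBKDF2-derived key. The cipher (an HMAC-based counter-mode keystream), the salt, nonce, iteration count, password and wordlist are all constructed assumptions. The point it demonstrates is that every valid plaintext is drawn from the 32-character Base32 alphabet, so an attacker who has only the backup blob can confirm a password guess offline, and a low PBKDF2 work factor makes each guess cheap; encrypting the raw secret bytes instead removes that particular check.

```python
"""RFC 6238 TOTP plus a toy model of the backup weakness described in the abstract."""
import base64
import hashlib
import hmac
import os
import struct

# RFC 4648 Base32 alphabet plus the '=' pad: the plaintext structure an attacker
# can test for when an app encrypts the encoded secret instead of the raw bytes.
B32_ALPHABET = frozenset(b"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567=")


def hotp(secret: bytes, counter: int, digits: int = 6, algo: str = "sha1") -> str:
    """RFC 4226 HOTP: HMAC over the big-endian 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret_b32: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with counter = floor(time / step). Secret given as Base32,
    the form in which provisioning URIs and most app backups carry it."""
    secret = base64.b32decode(secret_b32, casefold=True)
    return hotp(secret, unix_time // step, digits)


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256. `iterations` is the work factor: the cost of one attacker guess."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream cipher with an HMAC-SHA256 keystream. Assumption: a stand-in
    for whatever cipher a real app uses, chosen so no padding check muddies the demo."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + struct.pack(">I", block), "sha256").digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt_backup(password: str, plaintext: bytes, iterations: int,
                   salt: bytes = None, nonce: bytes = None):
    """Client side: password -> PBKDF2 key -> encrypted blob (salt, nonce, ciphertext)."""
    salt = salt if salt is not None else os.urandom(16)
    nonce = nonce if nonce is not None else os.urandom(16)
    key = derive_key(password, salt, iterations)
    return salt, nonce, keystream_xor(key, nonce, plaintext)


def looks_like_base32(candidate: bytes) -> bool:
    """The offline oracle: a wrong key yields random bytes, which are almost never all Base32."""
    return len(candidate) > 0 and all(c in B32_ALPHABET for c in candidate)


def offline_guess(salt: bytes, nonce: bytes, ciphertext: bytes, wordlist, iterations: int):
    """Attacker holding only the backup blob. Each guess costs one PBKDF2 derivation and is
    confirmed locally, so no server rate limiting or lockout applies."""
    for guess in wordlist:
        pt = keystream_xor(derive_key(guess, salt, iterations), nonce, ciphertext)
        if looks_like_base32(pt):
            return guess, pt.decode("ascii")
    return None


# Constructed inputs (assumptions, not values from the paper or any app).
RFC6238_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"  # Base32 of ASCII "12345678901234567890"
WORDLIST = ["password", "letmein", "hunter2", "qwerty"]
WEAK_ITERATIONS = 1000          # assumed low work factor for the demo
FIXED_SALT, FIXED_NONCE = b"\x00" * 16, b"\x01" * 16   # fixed only to keep the demo deterministic


def demo_encoded_secret():
    """Backup encrypts the Base32 string: the attacker recovers password and secret offline."""
    salt, nonce, ct = encrypt_backup("hunter2", RFC6238_SECRET_B32.encode(),
                                     WEAK_ITERATIONS, FIXED_SALT, FIXED_NONCE)
    return offline_guess(salt, nonce, ct, WORDLIST, WEAK_ITERATIONS)


def demo_raw_secret():
    """Backup encrypts the decoded bytes: the Base32 check no longer confirms any guess."""
    raw = base64.b32decode(RFC6238_SECRET_B32)
    salt, nonce, ct = encrypt_backup("hunter2", raw, WEAK_ITERATIONS, FIXED_SALT, FIXED_NONCE)
    return offline_guess(salt, nonce, ct, WORDLIST, WEAK_ITERATIONS)


if __name__ == "__main__":
    print(totp(RFC6238_SECRET_B32, 59, digits=8))  # RFC 6238 Appendix B vector: 94287082
    print(demo_encoded_secret())
    print(demo_raw_secret())
```

Two practical notes on the model. First, the false-positive rate of the Base32 check against a wrong key is about (33/256)^n for an n-byte secret, so for realistic secret lengths a single passing decryption is effectively proof of the password. Second, removing the encoding only closes this one oracle: a backup format that uses an authenticated cipher confirms a correct key through its tag regardless of how the secret is encoded, so the PBKDF2 work factor, not the plaintext encoding, is what ultimately bounds an offline attacker's guess rate.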
@inproceedings{gilsenan-20-totp-apps,
  author    = {Gilsenan, Conor and Alomar, Noura and Egelman, Serge},
  title     = {{On Conducting Systematic Security and Privacy Analyses of TOTP 2FA Apps}},
  booktitle = {Who Are You?! Adventures in Authentication Workshop},
  year      = {2020},
  series    = {WAY~'20},
  pages     = {1--6},
  address   = {Virtual Conference},
  month     = aug,
  publisher = {}  % No publisher
}