Authentication

OTP microservice

About OTP

One-time password (OTP) systems provide a mechanism for logging on to a network or service using a unique password that can only be used once.

Since the one-time passwords is valid for only a single-use, they are not vulnerable as static passwords and cannot be reused a second time by anyone, including unauthorized persons and thus avoiding the threat of pin code theft.

Problem in conventional OTP services:

In the conventional OTP service, the OTP is stored in a database along with the email or phone number for which it was used. Now, if the OTP service’s database is attacked by an attacker then the…


Authentication

Manage Login Activity of User

About JWT

JWT (JSON Web Tokens) is a stateless way of handling authentication in our app. For each login request, the server generates a token and sends it to the front-end where it is stored and used to authenticate every other request.

But since the JWT is stateless it (should not be) is not stored in any database or storage. So if a user wants to logout from a particular device or logout from all the devices, he cannot logout using the traditional way of authentication using JWT. …

Divyansh Agarwal

I am an Innovator with lots of ideas in my mind to improve the world for better! Know more about me at https://divyansh.agarwal.work .

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store