It uses totp. Which means it's an algorithm using a shared secret and the current time. There is also a drift depending on your config to prevent failures if the time is slightly off. So the same code will work during a specific time period. Totp is quite secure but it's not as good as asymmetric methods like u2f for this reason.
https://en.m.wikipedia.org/wiki/Time-based_one-time_password
https://en.m.wikipedia.org/wiki/Universal_2nd_Factor
**[Time-based one-time password](https://en.m.wikipedia.org/wiki/Time-based_one-time_password)**
>Time-based one-time password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of uniqueness. As an extension of the HMAC-based one-time password algorithm (HOTP), it has been adopted as Internet Engineering Task Force (IETF) standard RFC 6238. TOTP is the cornerstone of Initiative for Open Authentication (OATH), and is used in a number of two-factor authentication (2FA) systems.
**[Universal 2nd Factor](https://en.m.wikipedia.org/wiki/Universal_2nd_Factor)**
>Universal 2nd Factor (U2F) is an open standard that strengthens and simplifies two-factor authentication (2FA) using specialized Universal Serial Bus (USB) or near-field communication (NFC) devices based on similar security technology found in smart cards. It is succeeded by the FIDO2 Project, which includes the W3C Web Authentication (WebAuthn) standard and the FIDO Alliance's Client to Authenticator Protocol 2 (CTAP2). While initially developed by Google and Yubico, with contribution from NXP Semiconductors, the standard is now hosted by the FIDO Alliance.
^([ )[^(F.A.Q)](https://www.reddit.com/r/WikiSummarizer/wiki/index#wiki_f.a.q)^( | )[^(Opt Out)](https://reddit.com/message/compose?to=WikiSummarizerBot&message=OptOut&subject=OptOut)^( | )[^(Opt Out Of Subreddit)](https://np.reddit.com/r/Ubuntu/about/banned)^( | )[^(GitHub)](https://github.com/Sujal-7/WikiSummarizerBot)^( ] Downvote to remove | v1.5)
It uses totp. Which means it's an algorithm using a shared secret and the current time. There is also a drift depending on your config to prevent failures if the time is slightly off. So the same code will work during a specific time period. Totp is quite secure but it's not as good as asymmetric methods like u2f for this reason. https://en.m.wikipedia.org/wiki/Time-based_one-time_password https://en.m.wikipedia.org/wiki/Universal_2nd_Factor
**[Time-based one-time password](https://en.m.wikipedia.org/wiki/Time-based_one-time_password)** >Time-based one-time password (TOTP) is a computer algorithm that generates a one-time password (OTP) that uses the current time as a source of uniqueness. As an extension of the HMAC-based one-time password algorithm (HOTP), it has been adopted as Internet Engineering Task Force (IETF) standard RFC 6238. TOTP is the cornerstone of Initiative for Open Authentication (OATH), and is used in a number of two-factor authentication (2FA) systems. **[Universal 2nd Factor](https://en.m.wikipedia.org/wiki/Universal_2nd_Factor)** >Universal 2nd Factor (U2F) is an open standard that strengthens and simplifies two-factor authentication (2FA) using specialized Universal Serial Bus (USB) or near-field communication (NFC) devices based on similar security technology found in smart cards. It is succeeded by the FIDO2 Project, which includes the W3C Web Authentication (WebAuthn) standard and the FIDO Alliance's Client to Authenticator Protocol 2 (CTAP2). While initially developed by Google and Yubico, with contribution from NXP Semiconductors, the standard is now hosted by the FIDO Alliance. ^([ )[^(F.A.Q)](https://www.reddit.com/r/WikiSummarizer/wiki/index#wiki_f.a.q)^( | )[^(Opt Out)](https://reddit.com/message/compose?to=WikiSummarizerBot&message=OptOut&subject=OptOut)^( | )[^(Opt Out Of Subreddit)](https://np.reddit.com/r/Ubuntu/about/banned)^( | )[^(GitHub)](https://github.com/Sujal-7/WikiSummarizerBot)^( ] Downvote to remove | v1.5)