Commit bd3058cc authored by Jens Henrik Goebbert's avatar Jens Henrik Goebbert

remove extra line-breaks

parent 3da2c0c8
......@@ -31,14 +31,14 @@
"</div>\n",
"\n",
"## Introduction\n",
"2-Factor Authentication (2FA), sometimes referred to as two-factor verification, is a security method in which users provide **two different authentication factors** to verify themselves. \n",
"This process is **performed to better protect** both the user's credentials and the resources that the user can access. \n",
"2-Factor Authentication (2FA), sometimes referred to as two-factor verification, is a security method in which users provide **two different authentication factors** to verify themselves. \n",
"This process is **performed to better protect** both the user's credentials and the resources that the user can access.\n",
"\n",
"In the **first step**, it starts with the usual entry of a good password. The service then confirms the correctness of the password entered. \n",
"In the **first step**, it starts with the usual entry of a good password. The service then confirms the correctness of the password entered.\n",
"This does not, however, lead directly to the desired entrance - but to a further barrier.\n",
"\n",
"The **second step** prevents unauthorized third parties from gaining access to your account just because they have stolen your password. \n",
"A quite common 2nd-factor is a time-based one-time **confirmation code** generated by a **2fa-generator app** you install and initialize once one of your personal devices. \n",
"The **second step** prevents unauthorized third parties from gaining access to your account just because they have stolen your password.\n",
"A quite common 2nd-factor is a time-based one-time **confirmation code** generated by a **2fa-generator app** you install and initialize once one of your personal devices.\n",
"This 2fa-generator app then provides (in our case every 30 seconds) a new confirmation code you enter on the login page.\n",
" \n",
"<div style=\"clear:both\"></div>"
......@@ -80,11 +80,11 @@
"## Algorithm\n",
"The **2fa-generator app** calculates the current personal **confirmation code** completely autonomously from the outside world using a standardized and open algorithm for the generation of **Time-based One-Time Passwords (TOTP)**. \n",
"\n",
"The TOTP algorithm was published in 2011 by the [Internet Engineering Task Force (IETF)](https://www.ietf.com) as [RFC 6238](https://tools.ietf.org/html/rfc6238). The TOTP algorithm is a hash function in which a secret code is hashed together with the current time. \n",
"Behind the hash function is the HMAC-based One-time Password Algorithm according to [RFC 4226](https://tools.ietf.org/html/rfc4226) - in simple terms nothing more than a standard that forms a hash in a certain way. \n",
"The TOTP algorithm was published in 2011 by the [Internet Engineering Task Force (IETF)](https://www.ietf.com) as [RFC 6238](https://tools.ietf.org/html/rfc6238). The TOTP algorithm is a hash function in which a secret code is hashed together with the current time.\n",
"Behind the hash function is the HMAC-based One-time Password Algorithm according to [RFC 4226](https://tools.ietf.org/html/rfc4226) - in simple terms nothing more than a standard that forms a hash in a certain way.\n",
"\n",
"The calculation includes both a **\"secret initialization code\"**, that is known to both the server and the client, and the **current time**. \n",
"The final one-time *confirmation code* is generated from these two inputs and is valid for a certain period of time. (in our case for **30 seconds**). \n",
"The calculation includes both a **\"secret initialization code\"**, that is known to both the server and the client, and the **current time**.\n",
"The final one-time *confirmation code* is generated from these two inputs and is valid for a certain period of time. (in our case for **30 seconds**).\n",
"The procedure can be implemented in such a way that slight differences in time between client and server are accepted.\n",
"\n",
"Hence, any confirmation code is time-based, calculated locally, and always unique.\n",
......@@ -177,14 +177,14 @@
"</div>\n",
"\n",
"### b. Initialization & Validation\n",
"Before you can use 2FA for Jupyter-JSC a random, user-specific, unique and **secret initialization code** must be known by both Jupyter-JSC and the users 2fa-generator app. \n",
"This *secret initialization code* gets generated by Jupyter-JSC and is shown as a **QR-Code** (or string) on the activation page. \n",
"Before you can use 2FA for Jupyter-JSC a random, user-specific, unique and **secret initialization code** must be known by both Jupyter-JSC and the users 2fa-generator app.\n",
"This *secret initialization code* gets generated by Jupyter-JSC and is shown as a **QR-Code** (or string) on the activation page.\n",
"\n",
"The QR-Code provides the *secret initialization code* with the descriptive data (1) algorithm = TOTP, (2) period of validity = 30s. \n",
"Please ensure you set these descriptive dates manually in your 2fa-generator app **if you prefer to use the string** instead of the QR-Code. \n",
"The QR-Code provides the *secret initialization code* with the descriptive data (1) algorithm = TOTP, (2) period of validity = 30s.\n",
"Please ensure you set these descriptive dates manually in your 2fa-generator app **if you prefer to use the string** instead of the QR-Code.\n",
"\n",
"Next, the 2fa-generates app provides now a **verification code** you have to enter on the activation webpage. \n",
"Jupyter-JSC now compares the *verification code* you provide with the one generated by Jupyter-JSC. \n",
"Next, the 2fa-generates app provides now a **verification code** you have to enter on the activation webpage.\n",
"Jupyter-JSC now compares the *verification code* you provide with the one generated by Jupyter-JSC.\n",
"\n",
"If they match, **2FA is now activated**.\n",
"\n",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment