{"id":44637,"date":"2020-04-19T09:00:39","date_gmt":"2020-04-19T15:00:39","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=44637"},"modified":"2022-09-13T12:40:34","modified_gmt":"2022-09-13T16:40:34","slug":"totp-2fa-pros-cons","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons","title":{"rendered":"TOTP Two-Factor Authentication (2FA) &#8211; Pros and Cons"},"content":{"rendered":"\n<p>Two-factor authentication (2FA) \u2013\u2013 otherwise called multi-factor authentication (MFA) \u2013\u2013 is one of the best precautions against cyberattacks an organization can adopt. MFA requires two or more factors to authenticate users to IT resources, usually \u201csomething they know\u201d (their credentials) in combination with \u201csomething they have.\u201d The latter can be anything from a numeric code sent to their phones via SMS to their fingerprint.<\/p>\n\n\n\n<p>Admins often employ <a href=\"https:\/\/jumpcloud.com\/blog\/totp-mfa\/\">time-based, one-time passwords (TOTP)<\/a> as the second factor. TOTP tokens are randomized, numeric codes generated by an app that automatically refreshes. TOTP 2FA offers many security benefits, but there are also a few drawbacks to consider. Check out the following pros and cons to find out if TOTP 2FA is right for you.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Overview of TOTP 2FA<\/h2>\n\n\n\n<p>In order for users to access their assets, their credentials must match what their organization has on file, and their TOTP code needs to match what the application or system has on their server. If the TOTP code doesn\u2019t match, then the user will be denied entry.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pros:<\/h3>\n\n\n\n<ul><li><strong>Inexpensive to implement: <\/strong>Organizations often leverage TOTP 2FA because of how accessible it is. Most authentication apps that generate TOTP tokens are free or charge a small fee, so organizations of any size can secure their user\u2019s identities if they choose.<\/li><li><strong>Lightweight: <\/strong>Organizations don\u2019t need to install any new hardware for users to authenticate to their IT resources. All they need is an authentication app on their desktop, laptop, or phone. Most TOTP app providers offer 2FA for all those devices, so users can leverage whichever suits their needs.<\/li><li><strong>Remembers user accounts: <\/strong>When a user first attempts to access an application or system, their TOTP token generator saves and remembers it. This feature allows users to acquire their codes without WiFi access or cellular service, as their previous login attempts are saved to their device and will constantly have new codes generated for those resources.<\/li><li><strong>Can be used at scale: <\/strong>With <a href=\"https:\/\/jumpcloud.com\/product\/multi-factor-authentication\/\">the right provider<\/a>, organizations can enforce TOTP 2FA at scale across all their IT resources. This includes heterogeneous systems, a vast array of applications, networks, and file servers.<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cons:<\/h3>\n\n\n\n<ul><li><strong>Requires a user\u2019s device: <\/strong>A user can\u2019t receive their TOTP code unless they have their authenticator app at the ready. If they forget their phone at home or their device\u2019s battery dies, they may be unable to access their IT resources.<ul><li>Fortunately, many web applications offer alternative ways to receive 2FA codes, which the user can opt for if they\u2019re unable to retrieve their TOTP token from an authenticator app.<\/li><\/ul><\/li><li><strong>Fast expiration: <\/strong>This can require a user to enter multiple TOTP codes in an effort to log in before the code expires, which takes additional time and may lead to account lockouts if they exceed their allotted attempts.<\/li><li><strong>Secret key:<\/strong> TOTP 2FA uses a <a href=\"https:\/\/medium.com\/@n.moretto\/two-factor-authentication-with-totp-ccc5f828b6df\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">secret key<\/a> shared between the authenticator app and the server hosting it. If a bad actor were to clone that secret key, they could generate valid codes at will and gain access to the user\u2019s account.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Is TOTP 2FA Right For You?<\/h2>\n\n\n\n<p>TOTP 2FA may not be right for everyone. Organizations that deal with exceptionally sensitive assets may benefit from other types of 2FA, such as USB keys. But, for organizations with limited resources that still want to secure their identities and IT resources, TOTP may be their ideal choice.<\/p>\n\n\n\n<p>To learn more about how 2FA can benefit your organization, <a href=\"https:\/\/jumpcloud.com\/contact\/\">contact us<\/a>. We\u2019d be happy to explain the security benefits and options for 2FA in your organization.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.<\/p>\n","protected":false},"author":92,"featured_media":44638,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781],"tags":[],"collection":[2775],"platform":[],"funnel_stage":[3016],"coauthors":[2578],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TOTP Two-Factor Authentication (2FA) - Pros and Cons - JumpCloud<\/title>\n<meta name=\"description\" content=\"Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"TOTP Two-Factor Authentication (2FA) - Pros and Cons\" \/>\n<meta property=\"og:description\" content=\"Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-19T15:00:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-09-13T16:40:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"780\" \/>\n\t<meta property=\"og:image:height\" content=\"521\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Megan Anderson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Megan Anderson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\"},\"author\":{\"name\":\"Megan Anderson\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677\"},\"headline\":\"TOTP Two-Factor Authentication (2FA) &#8211; Pros and Cons\",\"datePublished\":\"2020-04-19T15:00:39+00:00\",\"dateModified\":\"2022-09-13T16:40:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\"},\"wordCount\":598,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg\",\"articleSection\":[\"How-To\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\",\"url\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\",\"name\":\"TOTP Two-Factor Authentication (2FA) - Pros and Cons - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg\",\"datePublished\":\"2020-04-19T15:00:39+00:00\",\"dateModified\":\"2022-09-13T16:40:34+00:00\",\"description\":\"Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg\",\"width\":780,\"height\":521,\"caption\":\"TOTP Two-Factor Authentication (2FA) - Pros and Cons\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"TOTP Two-Factor Authentication (2FA) &#8211; Pros and Cons\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677\",\"name\":\"Megan Anderson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/1137c152b014919b03c19ac2c8377ede\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g\",\"caption\":\"Megan Anderson\"},\"description\":\"Megan is a content writer at JumpCloud with a B.A. in English from MSU Denver. Colorado-born and raised, she enjoys hiking, skiing, and all manner of dogs.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"TOTP Two-Factor Authentication (2FA) - Pros and Cons - JumpCloud","description":"Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons","og_locale":"en_US","og_type":"article","og_title":"TOTP Two-Factor Authentication (2FA) - Pros and Cons","og_description":"Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.","og_url":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons","og_site_name":"JumpCloud","article_published_time":"2020-04-19T15:00:39+00:00","article_modified_time":"2022-09-13T16:40:34+00:00","og_image":[{"width":780,"height":521,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg","type":"image\/jpeg"}],"author":"Megan Anderson","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Megan Anderson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons"},"author":{"name":"Megan Anderson","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677"},"headline":"TOTP Two-Factor Authentication (2FA) &#8211; Pros and Cons","datePublished":"2020-04-19T15:00:39+00:00","dateModified":"2022-09-13T16:40:34+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons"},"wordCount":598,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg","articleSection":["How-To"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons","url":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons","name":"TOTP Two-Factor Authentication (2FA) - Pros and Cons - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg","datePublished":"2020-04-19T15:00:39+00:00","dateModified":"2022-09-13T16:40:34+00:00","description":"Admins commonly employ TOTP for two-factor authentication (2FA), but it has a few drawbacks to consider before adopting it for your organization.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/03\/totp-2fa-pros-cons.jpeg","width":780,"height":521,"caption":"TOTP Two-Factor Authentication (2FA) - Pros and Cons"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/totp-2fa-pros-cons#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"TOTP Two-Factor Authentication (2FA) &#8211; Pros and Cons"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677","name":"Megan Anderson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/1137c152b014919b03c19ac2c8377ede","url":"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g","caption":"Megan Anderson"},"description":"Megan is a content writer at JumpCloud with a B.A. in English from MSU Denver. Colorado-born and raised, she enjoys hiking, skiing, and all manner of dogs."}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/44637"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/92"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=44637"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/44637\/revisions"}],"predecessor-version":[{"id":68917,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/44637\/revisions\/68917"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/44638"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=44637"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=44637"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=44637"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=44637"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=44637"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=44637"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=44637"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}