STRIP provides the ability to generate verification codes for sites that allow for 2-step verification, often called two-factor authentication. 2-step verification provides an additional level of security because the user, or attacker needs to provide both a valid password, as well as a verification code in order to access a given resource such as a website. The verification codes are generated often from tools such as Google Authenticator based on a secret key provided from the site. Often times, these tools do not protect the secret key, so should a users device become stolen or compromised, so does the additional level of security. STRIP can generate these verification codes all the while protecting the secret key as it does with your passwords and other sensitive data.
To begin, edit the entry within STRIP that you are adding 2-step authentication to. Add a new field, and change its type to ‘TOTP’ from the dropdown list, set the value to the secret key provided from the site:
Once you save this entry, STRIP will begin generating new verification codes, once every 30 seconds. You can now provide a verification code when required by the site from STRIP and know that your secret key is safe.
Below is a video showing how 2-step verification works:
https://vimeo.com/95780558