1 00:00:00,000 --> 00:00:06,680 Thanks for watching TechWiki. Click the subscribe button, then enable notifications with the bell icon so you won't miss any future videos. 2 00:00:06,960 --> 00:00:14,120 So you're going about your day when you get an alarming sounding email telling you that some miscreant has gotten into one of your accounts 3 00:00:14,120 --> 00:00:19,560 and they might be rifling through your embarrassing personal files at this very moment. 4 00:00:19,560 --> 00:00:26,800 Oh, if only you'd enabled two-factor authentication like we urged you to in this video here. 5 00:00:26,800 --> 00:00:33,160 So you frantically change your password, set up two-factor so you'll get login codes on your smartphone, 6 00:00:33,500 --> 00:00:40,660 and after a short period of relief when you realize it was just a throwaway account you used for online dating back when you were single, 7 00:00:41,040 --> 00:00:48,740 you get to wondering, how exactly does that code generator app sync up with the service that you're trying to log into? 8 00:00:48,960 --> 00:00:52,040 And does it work without an internet or cell connection? 9 00:00:52,820 --> 00:00:56,740 Well, as it turns out, generating a new string of numbers to punch in, 10 00:00:56,800 --> 00:01:04,580 every 30 seconds or so, doesn't require continuous communication with a server somewhere after initial setup. 11 00:01:05,000 --> 00:01:13,400 Although there are a number of services that do simply send codes over email or SMS without using their own apps, 12 00:01:13,760 --> 00:01:21,880 code generators are becoming more and more popular since they can even work when you're on a plane with no SMS reception. 13 00:01:22,840 --> 00:01:26,140 You see, these code generators are based on time. 14 00:01:26,140 --> 00:01:30,340 Whenever you're setting up two-factor authentication for a new account, 15 00:01:30,340 --> 00:01:36,900 the service will randomly generate a short string of characters or a key, which it will send to your phone. 16 00:01:37,100 --> 00:01:43,060 You commonly see this as a QR code, which your authenticator app can scan using your phone's camera. 17 00:01:43,460 --> 00:01:52,640 At this point, your authenticator app will start generating these codes by taking the current time and using the specific key the server assigned to it 18 00:01:52,640 --> 00:01:56,000 to run that time value through a cryptographic hash. 19 00:01:56,140 --> 00:01:58,860 Turning it into a totally different number. 20 00:01:59,300 --> 00:02:07,340 Which number the hash function spits out will depend on your unique key, and since that key is tied to your device, 21 00:02:07,600 --> 00:02:14,580 the only practical way to get the service to validate a login attempt is to have it physically. 22 00:02:15,040 --> 00:02:19,520 Now typically, this hash function will give you a new code every 30 seconds, 23 00:02:20,040 --> 00:02:25,280 invalidating the old one shortly afterward. This makes life very difficult for would-be attackers. 24 00:02:25,280 --> 00:02:34,480 Unless a hacker could steal a code with a keylogger or something and enter it, along with a valid password, in a matter of seconds, 25 00:02:34,480 --> 00:02:40,420 any code that they steal would be about as worthless as front-row tickets to last night's big game. 26 00:02:40,920 --> 00:02:47,600 This half a minute window also gives your phone a bit of buffer in case its clock isn't exactly synced up with the server, 27 00:02:47,820 --> 00:02:54,560 because it's much more likely that your phone's time is within 30 seconds of a server than within a hundredth of a second. 28 00:02:55,280 --> 00:03:00,220 And since all your phone needs to know is the current time and the secret key, 29 00:03:00,520 --> 00:03:06,520 your phone can be missing a SIM card, have a broken Wi-Fi transponder, or even a cracked screen, 30 00:03:06,800 --> 00:03:09,200 but it can still give you valid codes. 31 00:03:09,660 --> 00:03:10,160 Cool. 32 00:03:10,640 --> 00:03:18,700 And because this implementation is quite simple, free apps like Google Authenticator and Authy can support loads of different websites, 33 00:03:18,700 --> 00:03:24,760 meaning that you don't need a dedicated app littering your home screen for every service that you use. 34 00:03:25,280 --> 00:03:28,220 Of course, this convenience doesn't mean that it's perfect. 35 00:03:28,220 --> 00:03:31,780 Your phone could suffer a battery problem that could mess up its clock, 36 00:03:31,880 --> 00:03:34,600 the encryption could be broken by brute force, 37 00:03:34,600 --> 00:03:40,260 or an attacker could just get really lucky and guess your six-digit code, 38 00:03:40,260 --> 00:03:45,120 which, winning the Powerball is far less likely, and that worked for Judy F. from Clifton. 39 00:03:45,120 --> 00:03:47,120 I gotta go buy some lottery tickets! 40 00:03:47,840 --> 00:03:49,160 Bye! 41 00:03:49,160 --> 00:03:52,010 This video is brought to you by Cheddar. 42 00:03:52,010 --> 00:03:53,570 Over on Cheddar's YouTube channel, 43 00:03:53,570 --> 00:03:55,370 they've got a variety of different segments, 44 00:03:55,370 --> 00:03:57,810 covering a wide variety of topics. 45 00:03:57,810 --> 00:04:00,430 One segment is called Cheddar Explains, 46 00:04:00,430 --> 00:04:03,990 where they take a particular topic and, well, they explain it. 47 00:04:03,990 --> 00:04:09,190 So you can check out Cheddar's video on robotic, exotic dancers, 48 00:04:09,190 --> 00:04:10,610 not kidding, 49 00:04:10,610 --> 00:04:11,970 through the link below, 50 00:04:11,970 --> 00:04:15,010 where they take a look at how jobs for actual humans, 51 00:04:15,010 --> 00:04:17,330 including pole dancing, 52 00:04:17,330 --> 00:04:22,770 may be impacted in the future by robots that are designed for companionship. 53 00:04:22,770 --> 00:04:24,530 So thanks for watching, guys! 54 00:04:24,530 --> 00:04:25,130 Like, dislike, 55 00:04:25,130 --> 00:04:25,630 check out our other channels, 56 00:04:25,630 --> 00:04:25,670 and don't forget to subscribe! 57 00:04:25,670 --> 00:04:28,610 If you like our channels, leave a comment with video suggestions and subscribe! 58 00:04:28,610 --> 00:04:29,830 Subscribe!