Two Factor Login with Clojure

Meet & Greet w/ Pizza starts at 6:30, agenda to start no later than 7:00.

Agenda: Fun with Google Authenticator and QR Codes!

Have you enabled Two Factor login for your critical online accounts? You should! It provides greatly enhanced protection against your accounts being hacked.

We'll take a look at using Google Authenticator for Two Factor login with TOTP (Time-based One Time Password) - the algorithm used by Google, Dropbox, Apple, and many others for their Two Factor login.

And it turns out that you can easily add Clojure-based Two Factor login to your own web applications!

With a few lines of Clojure code you'll be able to:

• Protect your regular user passwords with an excellent hash algorithm - bcrypt.
• Generate TOTP keys for each user
• Generate a QR Code compatible with Google Authenticator (a TOTP soft-token app) for each user.
• Configure your Google Authenticator by scanning the QR code.
• Perform a Two-Factor login with Username/Password + Google Authenticator TOTP Code.

I have this all working with Curl, and have started on a Re-frame + Re-com (Reusable Reagent components) login page to call my login service. But I'm a Web UI newb. Maybe you can help.

Hope to see you there!