purpleghost
purpleghost
Google Authenticator type codes
Step2 generates Time-based One-Time Passwords (TOTP)
as well as HMAC-based One-Time Passwords (HOTP) just like Google Authenticator does
so it can be used for any services that support Google Authenticator.
Apple Watch
Step2 provides an Apple Watch app to allow you to quickly and easily
get your authentication codes with a glance to your wrist.
The Step2 Apple Watch app provides a "complication" that can be added to your watch face to give you quick access to the Step2 app with a tap on the watch face.
Secure
Step2 never sends any data across the internet. All the data stays on your
device. You are in complete control of your authentication code data.
QR Codes
To add accounts to Step2, most sites can provide a QR code to scan. With
Step2, you can simply scan the provided QR code to instantly add the account.
Manual Entry
Accounds can be added by manually entering the account data, including
your secret key.
Easy to use
All of your authentication codes are presented on the first screen
in a scrolling list view. This makes it easy and quick for you to get to your codes. The accounts
can be easily rearranged in any order, so you could put your most used accounts near the
top of the list.
Tapping on an account in the list instantly copies the code to the clipboard to make it easy to then paste into the form on the service you are logging into.
No Lock-In
Authentication codes work with the use of a "secret key".
Many authenticator apps (including Google Authenticator) do not allow you to see this secret
key once the account has been setup, making it difficult to move to a different app/phone.
With Step2, you can easily view your secret key as well as display a QR code of your account information. Both of these can be used to easily add your authenticator accounts to another app/service or to make a backup of your data.
Swipe Support
Swiping right on an account displays a QR Code button. This button will
display the QR code for that account. This could then be
used to add the account to another phone or a screenshot could be taken of
the QR code as backup.
For accounts with HMAC-based (HOTP) passwords, a swipe to the left on the account reveals a button that will increment the counter for that account, which causes a new authentication code to be generated.
Multitasking
Step2 supports Slide Over as well as Split View on iPad. This allows
you to have Step2 and another app open at the same time side-by-side. You can then easily copy
your authentication codes from Step2 and paste them into your app's window.
Code Types
Step2 can generate Time-based One-Time Passwords (TOTP) as well
as HMAC-based One-Time Passwords (HOTP).
Time-based (TOTP) passwords are the most common. These are generally 6 digit codes that change every 30 seconds. When accessing a site that uses these, you simply enter the current code when asked. This enhances security because even if someone sees one of your TOTP codes, it is only valid for 30 seconds.
HMAC-based (HOTP) passwords are also known as "counter" based passwords. These codes generally change after each use. There is a counter that you increment with a push of a button in Step2 in the iOS app or on the Watch app. Each tap of the button increases the counter and generates a new code.
Hashing Algorithms
Step2 supports SHA1, SHA256 as well as SHA512 hashing algorithms.
These are generally setup automatically when you create the account but
can be changed manually if required.
Code Length
Step2 supports 6 and 8 digits authentication codes. 6 digits codes
are the most common, but 8 digits codes are supported as well.
