On the 256th day of the year, we celebrate programmers day. Kudos to our programmers, for every byt(e) of their help!

Let’s dive into today’s topic of discussion, ‘Two Factor Authentication (2FA)’. With this method, signing in to your account will be a little different. 2FA adds an extra layer of security to your application, generally, via a unique One Time Password (OTP) sent by SMS or email.

Testing this seamlessly and consistently is a big challenge. It is commonly recommended to avoid automating 2FA and often teams disable 2FA in their testing environments for ease.

But, should you? Let’s dive into some authentic reads!

Before we proceed, let’s check if your account has been compromised! 🥴

Have I Been Pwned?
[Don’t panic, you can fix this!]

A little about 2FA/TFA

Beyond Passwords: 2FA, U2F And Google Advanced Protection
Go beyond the password and protect yourself from hackers and account takeovers, with added tips to stay safe.

2FA Directory
List of websites and whether or not they support 2FA.

💡 A funny take on passwords by Michael McIntyre

SSO & 2FA

Multi-Factor Authentication And Single Sign-On Explained
The two are not mutually exclusive. Here’s a read to help you decide how to allocate time and budget to one aspect over another.

How Time-Based One-Time Passwords Work And Why You Should Use Them In Your App
What is 2FA, the different methods and why should you implement it?

How to test it..

2 Factor Authentication : The Tester’s Edition
For better safety and security, many applications now use 2 factor authentication. Here is an article on how to test it as well as automate it.

Testing Two-Factor Authentication
2FA methods and how to test each one of them.

Testing Two-Factor Authentication - in2it
For security reasons two-factor authentication (2FA) is added to a login process, but how can you test this properly when random code is being generated?

What Are Typical Use-Cases For 2FA?
Some practical use cases to consider when testing 2FA.

Complete List Of Scenarios To Test OTP Feature
One of the most secure authentication these days is through sending OTP to end users. This article cover scenarios to test the OTP feature.

Automation & Tools

Selenium Testing - How To Sign In To Two-Factor Authentication?
How to sign in to a website that is protected with 2FA end to end in Selenium by generating the OTP from code with OTP.Net

Appium: Fetching OTP From The Notification Panel | With Working Code
Step by step code to get OTP from notification panel in Android using Appium.

PyOTP - The Python One-Time Password Library
Test Two Factor Authentication (2FA) in Python.

Test Automation Approach For Two-Factor Authentication
Reading the OTP from SMS using Twilio.

Django Two-Factor Authentication
Two factor authentication with Django.

How Did I Automate 2FA (Two Factor Authentication) Using Protractor?!
Nomanibrahim divides the procedure in 3 parts and proceeds to explain how he automated 2FA.

Test Automation For 2FA-Enabled Authentication With Testsigma
How 2FA-enabled applications can be tested with Testsigma.

The Best of Both Worlds— easily automate SSO as well as 2FA

Make sure to subscribe to our newsletter to continue to receive our weekly dose of testing vitamins!

Until next, see ya!

With 💚,
Team Testsigma

SHARE THIS