A field technician frequently travels to customer sites where mobile data and SMS reception are unreliable. The IT department is enabling multifactor authentication (MFA) for the company's cloud services and has given the technician several second-factor options. Which characteristic of an authenticator application makes it the most dependable choice for this technician compared with receiving codes by text message?
It generates time-based one-time passwords on the device itself, so no network connectivity is required when the user logs in.
It functions as a physical Universal 2nd Factor (U2F) token that plugs into a USB port.
It emails a one-time passcode that the user can retrieve later when connectivity improves.
It delivers the code through a voice call that can be answered on any landline at the site.
Authenticator apps (such as Microsoft Authenticator or Google Authenticator) store a pre-shared secret and use the current time on the mobile device to generate a Time-Based One-Time Password (TOTP). Because the code is produced locally, the phone does not need cellular voice, SMS, or data service at the moment of logon; only the clock must be roughly accurate. SMS codes, email links, and voice calls all require the device to have an active network connection when the code is delivered, so they are less reliable in areas with poor reception.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Time-Based One-Time Password (TOTP)?
Open an interactive chat with Bash
How does an authenticator app differ from SMS-based MFA?
Open an interactive chat with Bash
What happens if the clock on the mobile device is incorrect when using TOTP?