Multi-factor authentication (MFA/2FA)
There are a ton of acronyms around the topic of multi-factor authentication so let's clear a few things up first.
- This article focuses on how a robot execution can handle the multi-factor authentication steps without user intervention.
- Multi-factor authentication does NOT mean "human must be in the loop".
- MFA, 2FA, and TFA acronyms are all variations of the same thing; they all mean "multi-factor authentication".
- The underlying technologies used by the verification applications and tools are:
- Time-based One-Time Password (TOPT)
- HMAC-based One-Time Password (HOPT)
- ...quite possibly, there are others, but these are the main focus here.
How to get a robot to handle MFA
On a technical level, there are a bunch of existing Python libraries around the topic, but we decide to make it clear that there is nothing extraordinary about this.
rpaframework includes RPA.MFA -library.
The library is a wrapped around a package called pyotp
(GitHub homepage: https://github.com/pyauth/pyotp)
Our library wraps the dependency management and enables the most straightforward use cases, but you have the full features of the python library available as well if you need it.
Checkout the following resources onf the topic:
- MFA example robot in Portal
- RPA.MFA library in rpaframework
- Solution level article on GMail enforcing MFA
- Article on Google services and MFA
Last edit: September 13, 2022