Adobe Inc.
OFFLINE MULTI-FACTOR ONE-TIME PASSWORD AUTHENTICATION

Abstract:

A server may encrypt an authentication signal using a public encryption key (e.g., a public encryption key that was generated together with a private encryption key stored on a user device pre-registered with the server). The server passes the encrypted authentication signal to a user agent (e.g., such as the web browser) and the user agent encodes the encrypted authentication signal into a machine-readable optical label. The user agent displays the machine-readable optical label for scanning by the user device. Accordingly, the user device may be unlocked by a user (e.g., using an unlock password or an unlock gesture), and the user device may scan the machine-readable optical label, decode the encrypted authentication signal encoded in the machine-readable optical label, decrypt the decoded authentication signal that was encrypted by the server, and generate an authentication code based on the decrypted authentication signal.