We recently launched a new feature called “Mailinator Authenticator”.* We sort of stealthed it into the web interface a few weeks back (it wasn’t actually very stealthy – maybe you noticed). This feature is designed to assist in testing two-factor authentication (2FA) functionality in applications. It uses the standard TOTP algorithm (just like Authy and Google Authenticator), which generate 2FA codes for personal accounts. Mailinator Authenticator is specifically designed to test the functionality of 2FA codes.
2FA is a security feature that requires a user to provide two forms of identification before they can access a system or application. This is typically achieved by requiring a password and a time-based one-time password (TOTP) generated by an app on a mobile device. This prevents unauthorized access to accounts even if an attacker has obtained the user’s password.
Mailinator Authenticator generates TOTP codes that can be used for testing 2FA functionality without compromising security. Developers and testers can use these codes to simulate the 2FA process in their applications, ensuring that the system works as intended.
To use Mailinator Authenticator, simply sign up for a Mailinator account. When logged in, you’ll have access to your Mailinator Authenticator page <https://www.mailinator.com/v4/private/mailinator_authenticator.jsp> and can add a 2FA Authenticator. Now you’re continuously generating TOTP codes for testing! The codes are generated based on a secret key, which is unique to each user and is provided by the application they are testing. Users can also set the time offset, which allows them to test codes from different times.
One of the key advantages of Mailinator Authenticator is that it is completely free to use – we’re including it as a feature for every Mailinator user! This makes it an ideal tool for developers and testers who need to test 2FA functionality – either as a spot-check, or on a regular basis.
Your team’s Authenticator is also available via API (with your team’s api token). For example, let’s say your secret key is:
YL7266JCMNO26OBL
The api call to return the passcode:
https://mailinator.com/api/v2/totp/YL7266JCMNO26OBL
… will return something like:
{
“passcode” : “825995”,
“futurecodes” : [
“384971”,
“699661”,
“268009”,
“512572”,
“616567”
],
“next_reset_secs” : 14,
“time_step” : 30
}
That is, the current time-based passcode, and also the next 5 (thank you to Christos for suggesting the “next 5” feature – we love our users).
Check out a quick screen recording of how it works:
We hope you find Mailinator Authenticator to be a useful feature. Let us know! We’d be happy to hear what you think. We haven’t yet edited the [beta] off of the page, and if you have suggestions we’d love to hear them.
* we really (really (srsly, you don’t even know)) wanted to call it Authenticatorinator.
Give Authenticator a try using a free trial here: Free Trial