
Colin Wu | Dec 01, 2025 04:08
Some exchanges, in order to improve the user experience, may let users replace tedious operations with simply entering a Google Authenticator code in some payment scenarios.
After learning about it from GPT: why do people have to enable Google Authenticator and install it on a separate offline phone that is not connected to the internet? What is its cryptographic principle?
Why is "offline phone+Google Authenticator" the safest?
Because it is essentially a secret key plus a mathematical clock that lives only in your phone and is never uploaded.
You can imagine it as: there is a "safe password generator" hidden in your phone that only you know, which automatically changes the password every 30 seconds according to time. This generator can work even without a network connection because it does not require any server data.
When you enable Google Authenticator, you scan a QR code that contains a randomly generated 20-32 byte key (the Secret). This key exists in only two places: your Google Authenticator (on the offline phone) and the platform's servers (such as the exchange). Google has no knowledge of your key, and no one can remotely steal it, because the app uploads nothing. Without the key, it is impossible to generate your verification code every 30 seconds.
The verification code is calculated, not transmitted. The 6-digit number Google Authenticator displays every 30 seconds is not obtained from the server; it is calculated with a mathematical formula from the key and the current time. Even without a network, it remains secure offline.
Even if hackers know your account password, they cannot calculate your verification code because hackers do not have your Secret Key, which will never leave your phone.
SMS/email can be intercepted or stolen, but an offline phone cannot. SMS can be targeted by hackers, social engineers and SIM swapping at the telecom operator; hijacking of SMS gateways; SS7 protocol hijacking; Trojan apps reading text messages. Email can also be hacked: man-in-the-middle attacks, phishing, and sessions read by browser Trojans. But an offline phone with no SIM card, no internet connection and no social media accounts gives hackers no way to reach it remotely. This is "physical isolation security".
Why can Google Authenticator run offline?
Because it uses a cryptographic standard called TOTP, which stands for Time-based One-Time Password. Its core feature is that it only requires a shared key and the time, without any network or server, and it is computed entirely locally.
To use the most vivid and straightforward analogy for a novice:
Step 1: You share a secret key with the server, like you share a secret seed in a special calculator with the platform, and both parties save this key.
Step 2: Both parties simultaneously look at the "unified clock of the world". Time is a public infrastructure that is globally consistent: every 30 seconds, there is a time slot (such as 1234567890, 1234567920...), like two people looking at the same "stopwatch" at the same time.
Step 3: Use the same mathematical machine to calculate the number (HMAC-SHA1). Google Authenticator and the server both compute: verification code = HMAC-SHA1(key + current time) % 1000000. Regardless of what HMAC-SHA1 is, just know that it is a mathematical blender that mixes "key + time" irreversibly: changing one bit completely transforms the result into another number. Both parties use the same key and the same time and obtain the same six-digit number. Because the formula is completely public and the algorithm can be verified by anyone, there are no backdoors, no dependence on Google, and anyone in the world can be their own validator.
Why can Google Authenticator be completely offline? Because generating a verification code only requires: a key (which you have already saved locally), the time (which is the system time on your phone), and a mathematical function (HMAC-SHA1, built into the app). So no step needs an internet connection. As long as the phone has power, it will calculate.
Why are offline phones safer than online phones? Because an online phone may have malware, cloud-synchronization leaks, Trojan apps, remote control by hackers, browser eavesdropping, and cloud backups that get cracked. An offline phone is not connected to the internet, does not log in to social accounts, does not install app stores, has no SIM card, and never turns on WiFi. Complete physical isolation = extremely safe. In the security industry this type of phone is called an air-gapped device, which is the highest standard for military, intelligence agencies, banks, and cryptographic systems.
How secure is an offline Google Authenticator? To crack your 2FA, hackers must simultaneously obtain: your account password, the secret key in your phone (which cannot be seen), physical access to your offline phone, copying the key before you notice, and accurately calculating the time window, which is almost impossible in reality.