[{"data":1,"prerenderedAt":519},["ShallowReactive",2],{"tag-totp":3,"all-categories-for-tag-page":14,"all-tags-for-tag-page":67,"posts-totp":221},{"id":4,"description":5,"extension":6,"meta":7,"name":8,"related":5,"seo":9,"slug":10,"stem":11,"type":12,"__hash__":13},"tags/blog/tags/totp.json",null,"json",{},"TOTP",{},"totp","blog/tags/totp","topic","riJETwtQfY9yLI4-ElyyYOu6OJirnjn4Jtkw4gIaziI",[15,25,34,49,58],{"id":16,"color":5,"description":17,"extension":6,"featured":18,"icon":5,"meta":19,"name":20,"parent":5,"seo":21,"slug":22,"stem":23,"__hash__":24},"categories/blog/categories/accounting.json","Accounting workflow, reporting, controls, and finance operations guidance for modern teams.",false,{},"Accounting",{"description":17},"accounting","blog/categories/accounting","JHZttnjJUP-tRC6e5k7NurNh4tCvsyqZmOL1qiLtWH4",{"id":26,"color":5,"description":27,"extension":6,"featured":18,"icon":5,"meta":28,"name":29,"parent":5,"seo":30,"slug":31,"stem":32,"__hash__":33},"categories/blog/categories/audit-ready.json","Audit-ready workflows, controls, governance, and financial data integrity for growing teams.",{},"Audit Ready",{"description":27},"audit-ready","blog/categories/audit-ready","p3wqV4BN2QH_C_QCMF_6Go6t_GZaIJSHCbADWLVqkf0",{"id":35,"color":36,"description":37,"extension":6,"featured":38,"icon":39,"meta":40,"name":41,"parent":42,"seo":43,"slug":46,"stem":47,"__hash__":48},"categories/blog/categories/fintech.json","purple","Fintech infrastructure, embedded accounting, platform workflows, ledger systems, and financial product thinking.",true,"IconChip",{},"Fintech","technology",{"title":44,"description":45},"Fintech and Embedded Accounting Insights | Paprel","Read Paprel articles on fintech infrastructure, embedded accounting infrastructure, platform accounting workflows, ledger systems, and finance automation.","fintech","blog/categories/fintech","W_VIG5yz4Un9j5N_6xo_OqQRSZJVPZG6c75z4y-JboI",{"id":50,"color":5,"description":51,"extension":6,"featured":18,"icon":5,"meta":52,"name":53,"parent":5,"seo":54,"slug":55,"stem":56,"__hash__":57},"categories/blog/categories/product-news.json","Product updates across accounting workflows, governance, reporting, and embedded finance teams.",{},"Product News",{"description":51},"product-news","blog/categories/product-news","oIawCmv_nUZYBKARbMnfuki7s6evzAtYNQ3xyssWocE",{"id":59,"color":5,"description":60,"extension":6,"featured":18,"icon":5,"meta":61,"name":62,"parent":5,"seo":63,"slug":64,"stem":65,"__hash__":66},"categories/blog/categories/security.json","Security, access control, compliance, and trust guidance for finance and platform teams.",{},"Security",{"description":60},"security","blog/categories/security","OB9LlUq0h90zTQcROsPYbGw3qVfT99OJhcObkM95qsA",[68,75,81,89,97,105,115,129,137,145,153,161,170,176,185,194,202,210,213],{"id":69,"description":5,"extension":6,"meta":70,"name":71,"related":5,"seo":72,"slug":71,"stem":73,"type":12,"__hash__":74},"tags/blog/tags/2fa.json",{},"2fa",{},"blog/tags/2fa","R6JN0j4qf2RHNGxEEfeEifp43syokvBKFb5V396EUZs",{"id":76,"description":5,"extension":6,"meta":77,"name":20,"related":5,"seo":78,"slug":22,"stem":79,"type":12,"__hash__":80},"tags/blog/tags/accounting.json",{},{},"blog/tags/accounting","Efq3YvRBxDKMsFY1UckjSyJI0lmKIdH5ahKiIkKGcN8",{"id":82,"description":5,"extension":6,"meta":83,"name":84,"related":5,"seo":85,"slug":86,"stem":87,"type":12,"__hash__":88},"tags/blog/tags/ai.json",{},"AI",{},"ai","blog/tags/ai","DY32JcywM4FZclU2kCQ8Z-Bjl80IxXUdcbQIwfvNhr4",{"id":90,"description":5,"extension":6,"meta":91,"name":92,"related":5,"seo":93,"slug":94,"stem":95,"type":12,"__hash__":96},"tags/blog/tags/authentication.json",{},"Authentication",{},"authentication","blog/tags/authentication","aq4n8_2JKdbwnz4s0FwpE16QV_z3BK3-Ay-_PaQfhRs",{"id":98,"description":5,"extension":6,"meta":99,"name":100,"related":5,"seo":101,"slug":102,"stem":103,"type":12,"__hash__":104},"tags/blog/tags/automation.json",{},"Automation",{},"automation","blog/tags/automation","8WNyhoOHFLx4cNvpfsaijqxUFti8PlKicTshrXSVoCk",{"id":106,"description":107,"extension":6,"meta":108,"name":109,"related":5,"seo":110,"slug":111,"stem":112,"type":113,"__hash__":114},"tags/blog/tags/b2b.json","B2B accounting, finance operations, and platform infrastructure perspectives from Paprel.",{},"B2B",{"description":107},"b2b","blog/tags/b2b","industry","cIOITwjoZyaTyYOyBsNffktnbplHiZQ_rcHKs5E8668",{"id":116,"description":117,"extension":6,"meta":118,"name":119,"related":120,"seo":122,"slug":126,"stem":127,"type":113,"__hash__":128},"tags/blog/tags/bank-reconciliation.json","Posts about transaction matching and accounting",{},"Bank Reconciliation",[121,46],"accounting-infrastructure",{"title":123,"description":124,"image":125},"Bank Reconciliation Resources","Learn modern reconciliation techniques","/social/tags/reconciliation-og.jpg","bank-reconciliation","blog/tags/bank-reconciliation","HCYLW8StJcXz72Vwe0AIfxXGE1qR2CkE4d2nROKObqA",{"id":130,"description":5,"extension":6,"meta":131,"name":132,"related":5,"seo":133,"slug":134,"stem":135,"type":12,"__hash__":136},"tags/blog/tags/compliance.json",{},"Compliance",{},"compliance","blog/tags/compliance","4T75CwD57jHdrBH2oUda6gVd_HkeKmF07USVnfn2M68",{"id":138,"description":5,"extension":6,"meta":139,"name":140,"related":5,"seo":141,"slug":142,"stem":143,"type":12,"__hash__":144},"tags/blog/tags/cybersecurity.json",{},"Cybersecurity",{},"cybersecurity","blog/tags/cybersecurity","CXFBZC0PCIrAe7IIfAAiDGI2XpMmcRvMp0dB1ZAGwrw",{"id":146,"description":5,"extension":6,"meta":147,"name":148,"related":5,"seo":149,"slug":150,"stem":151,"type":12,"__hash__":152},"tags/blog/tags/data-protection.json",{},"Data Protection",{},"data-protection","blog/tags/data-protection","_nzvhPUPZ_FXwqAT7CpGWd26VjBAh1YGvPgcte2Ie0U",{"id":154,"description":5,"extension":6,"meta":155,"name":156,"related":5,"seo":157,"slug":158,"stem":159,"type":12,"__hash__":160},"tags/blog/tags/desktop-app.json",{},"Desktop App",{},"desktop-app","blog/tags/desktop-app","Gztd2OUBqcvD_MtqONO3iBkROIb7pslONjonrQh8UzA",{"id":162,"description":163,"extension":6,"meta":164,"name":165,"related":5,"seo":166,"slug":167,"stem":168,"type":12,"__hash__":169},"tags/blog/tags/embedded-accounting.json","Articles on embedded accounting infrastructure, ledger-backed workflows, platform accounting, and AI-ready finance operations.",{},"Embedded Accounting",{"description":163},"embedded-accounting","blog/tags/embedded-accounting","EELvrizkox-wTxMUE0bpm9T9wa1zAltCuCRJe4flQGU",{"id":171,"description":5,"extension":6,"meta":172,"name":41,"related":5,"seo":173,"slug":46,"stem":174,"type":12,"__hash__":175},"tags/blog/tags/fintech.json",{},{},"blog/tags/fintech","EpOFrw-SbBpVJxEp51xTNzRoTsld08W1WE_7utHiaws",{"id":177,"description":178,"extension":6,"meta":179,"name":180,"related":5,"seo":181,"slug":182,"stem":183,"type":12,"__hash__":184},"tags/blog/tags/mcp.json","Articles about MCP, AI-ready finance workflows, and structured accounting interfaces for modern software products.",{},"MCP",{"description":178},"mcp","blog/tags/mcp","BpGQ14vW5TMb5HCQ8R4HUmWv1fTA_dKkI9Ri8qSsLwA",{"id":186,"description":187,"extension":6,"meta":188,"name":189,"related":5,"seo":190,"slug":191,"stem":192,"type":113,"__hash__":193},"tags/blog/tags/neobanking.json","Articles for neo-bank and fintech teams evaluating accounting workflows and financial infrastructure.",{},"Neobanking",{"description":187},"neobanking","blog/tags/neobanking","DJRE-PtVaF-Q3COHbuf7kNlprbRFX9ukU6z8_cdkgqw",{"id":195,"description":5,"extension":6,"meta":196,"name":197,"related":5,"seo":198,"slug":199,"stem":200,"type":12,"__hash__":201},"tags/blog/tags/productivity.json",{},"Productivity",{},"productivity","blog/tags/productivity","EV2CnrOb5DqKbxwzPEQdglUFibuDa83Wh_fp1gIl3WM",{"id":203,"description":5,"extension":6,"meta":204,"name":205,"related":5,"seo":206,"slug":207,"stem":208,"type":12,"__hash__":209},"tags/blog/tags/saas.json",{},"SaaS",{},"saas","blog/tags/saas","pN0hLjv3aT3PGTOroH62z0dHHZyoEryCzliVUsn_JRk",{"id":4,"description":5,"extension":6,"meta":211,"name":8,"related":5,"seo":212,"slug":10,"stem":11,"type":12,"__hash__":13},{},{},{"id":214,"description":5,"extension":6,"meta":215,"name":216,"related":5,"seo":217,"slug":218,"stem":219,"type":12,"__hash__":220},"tags/blog/tags/workflow.json",{},"Workflow",{},"workflow","blog/tags/workflow","C3gUczCCGeRf46p03vVRgi0hcUpJznaFb4pJeKhb2qk",{"posts":222,"total":518},[223],{"id":224,"title":225,"author":5,"body":226,"category":64,"contributors":5,"coverImage":500,"createdAt":504,"description":505,"extension":506,"featured":38,"meta":507,"navigation":38,"path":508,"publishedAt":504,"seo":509,"slug":512,"status":513,"stem":514,"subtitle":515,"tags":516,"updatedAt":5,"__hash__":517},"blog/blog/2025/08/15-what-is-totp-two-factor-authentication.md","What is TOTP? And Why It's Your Best Defense Against Hacks",{"type":227,"value":228,"toc":489},"minimark",[229,247,250,255,261,264,268,271,274,277,281,284,321,324,328,331,351,355,358,390,393,396,419,423,426,434,438,441,461,464,467,472,481],[230,231,232,233,237,238,241,242,246],"p",{},"You've been hacked. It's not a matter of ",[234,235,236],"em",{},"if",", but ",[234,239,240],{},"when",". With over ",[243,244,245],"strong",{},"80% of confirmed data breaches"," linked to stolen or weak passwords, relying on passwords alone is a recipe for disaster.",[230,248,249],{},"The solution isn't creating a more complex password-it's adopting a smarter way to log in. Enter Two-Factor Authentication (2FA), and specifically TOTP (Time-based One-Time Password), the silent guardian protecting your digital life.",[251,252,254],"h2",{"id":253},"totp-explained-the-30-second-shield","TOTP Explained: The 30-Second Shield",[230,256,257,260],{},[243,258,259],{},"What is TOTP in 2FA?","\nTOTP is a security method where your phone generates a temporary, unique login code that expires every 30 seconds. It's the most widely adopted and secure form of 2FA, used in apps like Google Authenticator, Authy, and Microsoft Authenticator.",[230,262,263],{},"Think of it as a constantly changing digital key-a code only you possess, valid for a fleeting moment.",[251,265,267],{"id":266},"the-phishing-test-why-passwords-fail","The Phishing Test: Why Passwords Fail",[230,269,270],{},"Imagine this scenario: You get a Slack message from \"HR\" about a bonus. The link looks correct. The login page looks perfect. You enter your password. Nothing happens.",[230,272,273],{},"In reality, you've just been phished, and your password is now circulating on the dark web.",[230,275,276],{},"Passwords are the weakest link-they can be guessed, stolen, reused, or leaked in a corporate breach. TOTP breaks this cycle by ensuring a password alone is worthless without the physical device generating your codes.",[251,278,280],{"id":279},"how-totp-works-your-unbreakable-login-ritual","How TOTP Works: Your Unbreakable Login Ritual",[230,282,283],{},"Enabling TOTP authentication is simple, but the protection is profound.",[285,286,287,294,300],"ol",{},[288,289,290,293],"li",{},[243,291,292],{},"The Secure Handshake"," – When you enable 2FA on a service (like Paprel), you scan a QR code with your authenticator app. This securely shares a secret key.",[288,295,296,299],{},[243,297,298],{},"The Cryptographic Code"," – Your app uses the secret key plus the current time to generate a new 6-digit code every 30 seconds.",[288,301,302,305,306],{},[243,303,304],{},"The Login Process"," – To log in, you provide:\n",[307,308,309,315],"ul",{},[288,310,311,314],{},[243,312,313],{},"Something you know:"," your password.",[288,316,317,320],{},[243,318,319],{},"Something you have:"," the current TOTP code from your phone.",[230,322,323],{},"For a hacker to succeed, they'd need your password, your physical phone, and perfect timing within a 30-second window-virtually impossible.",[251,325,327],{"id":326},"why-businesses-must-treat-totp-as-essential","Why Businesses Must Treat TOTP as Essential",[230,329,330],{},"For businesses-especially in finance, accounting, and regulated industries-TOTP-based 2FA isn't optional. It's a business imperative.",[307,332,333,339,345],{},[288,334,335,338],{},[243,336,337],{},"Neutralizes phishing & credential theft"," – A stolen password is useless.",[288,340,341,344],{},[243,342,343],{},"Supports security and compliance readiness"," – 2FA is a common control in programs shaped by SOC 2, ISO 27001, GDPR, CCPA, and Singapore's PDPA.",[288,346,347,350],{},[243,348,349],{},"Builds client trust"," – Proactively safeguarding sensitive financial data signals professionalism and care.",[251,352,354],{"id":353},"paprel-engineered-for-compliance-and-secure-integration","Paprel: Engineered for Compliance and Secure Integration",[230,356,357],{},"At Paprel, we don't treat security as a feature-it's the foundation of our platform. Our TOTP-based 2FA implementation is designed to support security programs shaped by common frameworks such as:",[307,359,360,366,372,378,384],{},[288,361,362,365],{},[243,363,364],{},"SOC 2 readiness"," – Security and availability controls for financial data integrity.",[288,367,368,371],{},[243,369,370],{},"ISO 27001-aligned practices"," – International best practices for information security management.",[288,373,374,377],{},[243,375,376],{},"GDPR & CCPA"," – Protecting personal data against unauthorized access.",[288,379,380,383],{},[243,381,382],{},"Singapore's PDPA"," – Meeting local regulatory requirements for privacy and data protection.",[288,385,386,389],{},[243,387,388],{},"Financial Industry Standards"," – Aligning with expectations from banks, auditors, and regulators.",[230,391,392],{},"Our authentication API ensures this security extends across your tech stack-whether you're integrating third-party accounting tools, internal systems, or single sign-on (SSO) providers.",[230,394,395],{},"With Paprel 2FA you get:",[307,397,398,405,412],{},[288,399,400,401,404],{},"🔒 ",[243,402,403],{},"Readiness-oriented controls"," – Built with international and local expectations in mind.",[288,406,407,408,411],{},"🔗 ",[243,409,410],{},"Seamless integration"," – Works across your existing tools and ecosystem.",[288,413,414,415,418],{},"⚡ ",[243,416,417],{},"Effortless setup"," – Enable 2FA in under two minutes with any authenticator app.",[251,420,422],{"id":421},"paprel-setup-two-factor-authentication","Paprel: Setup Two-Factor Authentication",[230,424,425],{},"User Profile > Two-Factor Authentication",[230,427,428],{},[429,430],"img",{"src":431,"alt":432,"title":432,"style":433},"https://storage.googleapis.com/nl-blog/features/setting/2fa-setup.webp","Paprel - Two-Factor Setup","width: 50%; height: auto; margin: 1.5rem 0;",[251,435,437],{"id":436},"your-5-minute-action-plan-for-unbreakable-security","Your 5-Minute Action Plan for Unbreakable Security",[230,439,440],{},"Don't wait for a breach to act. Here's how to strengthen your defenses today:",[285,442,443,449,455],{},[288,444,445,448],{},[243,446,447],{},"Identify critical accounts"," – Email, banking, cloud storage, password managers.",[288,450,451,454],{},[243,452,453],{},"Enable 2FA everywhere"," – Use an authenticator app like Google Authenticator or Authy.",[288,456,457,460],{},[243,458,459],{},"Secure your Paprel account first"," – This is where your most sensitive business data lives.",[230,462,463],{},"Your password is the key. TOTP is the vault door.",[465,466],"hr",{},[230,468,469],{},[243,470,471],{},"🔐 Ready to secure your financial data with enterprise-grade protection?",[230,473,474,480],{},[475,476,479],"a",{"href":477,"style":478},"/pricing","\ndisplay: inline-block;\ntext-decoration: underline\n","\nSign up for a free Paprel account\n"," and enable 2FA in minutes.",[230,482,483,484,488],{},"Already evaluating the product? ",[475,485,487],{"href":486,"style":478},"https://app.newledger.io","\nLogin\n"," to instantly upgrade your protection.",{"title":490,"searchDepth":491,"depth":491,"links":492},"",2,[493,494,495,496,497,498,499],{"id":253,"depth":491,"text":254},{"id":266,"depth":491,"text":267},{"id":279,"depth":491,"text":280},{"id":326,"depth":491,"text":327},{"id":353,"depth":491,"text":354},{"id":421,"depth":491,"text":422},{"id":436,"depth":491,"text":437},{"src":501,"alt":502,"credit":503},"https://storage.googleapis.com/nl-blog/features/setting/enter-otp-pana.webp","Smartphone showing a two-factor authentication code on screen","Illustrations by Storyset","2025-08-14","You've been hacked. It's not a matter of if, but when. With over 80% of confirmed data breaches linked to stolen or weak passwords, relying on passwords alone is a recipe for disaster.","md",{},"/blog/2025/08/15-what-is-totp-two-factor-authentication",{"title":510,"description":511},"TOTP 2FA Guide: Security & Compliance Essentials | Paprel","Over 80% of breaches involve stolen passwords. Discover how TOTP two-factor authentication works and why MFA supports security and privacy programs shaped by SOC 2, ISO 27001, GDPR, and PDPA expectations.","what-is-totp-two-factor-authentication","published","blog/2025/08/15-what-is-totp-two-factor-authentication","Learn how Time-based One-Time Passwords work and why they support security programs shaped by SOC 2 and ISO 27001 expectations.",[142,71,10,134,94,150],"ywqrhAAwCyMr8lI0BvadkEFwlnvNDg3_LNrOYKuV_R4",1,1778949515699]