{"id":"iam-virtual-mfa-totp-rfc6238","text":"Virtual MFA authenticator applications generate software-based TOTP codes per RFC 6238; each token must be unique per user but a single device can hold multiple tokens.","truth_value":"IN","source":"entries/2026/03/08/iam-mfa.md","source_url":"","source_hash":"5d501b8fb778eddd","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"iam-virtual-mfa-totp-rfc6238","truth_value":"IN","reason":"premise"}]}}