Google 2-factor/2-step Authentication (TFA)

Owen Densmore
Administrator
After a scare having to do with email, and reading Mat Honan's tale and subsequent expertise, I finally converted to Google's 2-step (2-factor) authentication.

Kinda an adventure.  But so far so good.  Thanks Sam for sorta kicking me off the ledge.

Google did an amazing job of making it approachable:

- Trusted: You can specify computers that are "trusted" thus only have to do vanilla logins.  This means my Air and Mini don't have to do further TFA .. after doing it just once.

- Mobile/Apps: Google offers an interesting stunt: App Specific Codes.  These are hash-like passwords for mobile and desktop apps that depend on Google but can't do the 2-factor login.  You simply specify a name for apps that need this (for me, Mail.app, iCal, iPhone apps and more as I discover them) and are given a new password for them to use.  Magic.

- Authenticator: Google initially has you depend on SMS or Voice mail to send you the 30-second, 6-digit PIN implementing the second factor.  But you can also download an app for smartphones that acts like RSA cards, giving a new PIN every 30 seconds.  It's great because it works without the network, and also is simpler to use.  Also solves the "mobile" problem traveling to Europe .. you can get a euro-SIM and not be cut-off.

So the experience is pretty much as before after "registering" my trusted devices and App Specific Codes.  All work only on a thing "I have", thus the second factor.

I'll try this for a month while upgrading passwords elsewhere .. then I'll one-by-one start 2-factor on Dropbox, PayPal, Schwab, Facebook (which I may just kill), AWS and finally, WordPress (if I haven't migrated it to JavaScript).  I'm hoping 2-factor will take off so that every month I'll have a new one to consider!

   -- Owen





============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com

Re: Google 2-factor/2-step Authentication (TFA)

Owen Densmore
Administrator
Oops: forgot another really nifty thing Google does: 10 1-time PINs for when you are really stuck and need a login and your phone is dead, you're out of country, not near a computer and generally hung out to dry.  These are printed out or stored in a file and used one at a time as the second factor when all else fails.  A supreme fallback.

   -- Owen

On Wed, Jan 30, 2013 at 9:21 PM, Owen Densmore <[hidden email]> wrote:
After a scare having to do with email, and reading Mat Honan's tale and subsequent expertise, I finally converted to Google's 2-step (2-factor) authentication.

Kinda an adventure.  But so far so good.  Thanks Sam for sorta kicking me off the ledge.

Google did an amazing job of making it approachable:

- Trusted: You can specify computers that are "trusted" thus only have to do vanilla logins.  This means my Air and Mini don't have to do further TFA .. after doing it just once.

- Mobile/Apps: Google offers an interesting stunt: App Specific Codes.  These are hash-like passwords for mobile and desktop apps that depend on Google but can't do the 2-factor login.  You simply specify a name for apps that need this (for me, Mail.app, iCal, iPhone apps and more as I discover them) and are given a new password for them to use.  Magic.

- Authenticator: Google initially has you depend on SMS or Voice mail to send you the 30-second, 6-digit PIN implementing the second factor.  But you can also download an app for smartphones that acts like RSA cards, giving a new PIN every 30 seconds.  It's great because it works without the network, and also is simpler to use.  Also solves the "mobile" problem traveling to Europe .. you can get a euro-SIM and not be cut-off.

So the experience is pretty much as before after "registering" my trusted devices and App Specific Codes.  All work only on a thing "I have", thus the second factor.

I'll try this for a month while upgrading passwords elsewhere .. then I'll one-by-one start 2-factor on Dropbox, PayPal, Schwab, Facebook (which I may just kill), AWS and finally, WordPress (if I haven't migrated it to JavaScript).  I'm hoping 2-factor will take off so that every month I'll have a new one to consider!

   -- Owen
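
The one-time fallback PINs described in the reply above only work as a second factor if each one is accepted exactly once. The sketch below shows that single-use bookkeeping; it is an added example, not part of the original message and not Google's code, and the 8-digit length, the keyed digest and all names are assumptions.

```python
import hashlib
import hmac
import secrets


def generate_backup_codes(count: int = 10, digits: int = 8) -> list:
    """Return `count` distinct random numeric codes drawn from the OS CSPRNG."""
    codes = set()
    while len(codes) < count:  # loop until distinct, in case of a rare collision
        codes.add(f"{secrets.randbelow(10 ** digits):0{digits}d}")
    return sorted(codes)


class BackupCodeStore:
    """Keeps only keyed digests of the unused codes; each code redeems once."""

    def __init__(self, codes, server_key: bytes):
        self.key = server_key
        self.unused = {self.digest(code) for code in codes}

    def digest(self, code: str) -> str:
        # Keyed hash: short numeric codes are trivially brute-forced from a
        # plain hash, so a leaked table should be useless without the key.
        return hmac.new(self.key, code.encode(), hashlib.sha256).hexdigest()

    def redeem(self, candidate: str) -> bool:
        """Accept a code once; printed codes are often typed with spaces."""
        wanted = self.digest(candidate.replace(" ", ""))
        match = next((d for d in self.unused if hmac.compare_digest(d, wanted)), None)
        if match is None:
            return False
        self.unused.remove(match)  # burn it: a second use must fail
        return True


if __name__ == "__main__":
    codes = generate_backup_codes()
    store = BackupCodeStore(codes, secrets.token_bytes(32))
    print("first use:", store.redeem(codes[0]))
    print("second use:", store.redeem(codes[0]))
    print("codes left:", len(store.unused))
```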

Re: Google 2-factor/2-step Authentication (TFA)

Barry MacKichan
Now this changes my mind about two-factor identification. If I add these to 1Password, I'll feel safer traveling.

--Barry

On Jan 30, 2013, at 9:25 PM, Owen Densmore wrote:

Oops: forgot another really nifty thing Google does: 10 1-time PINs for when you are really stuck and need a login and your phone is dead, you're out of country, not near a computer and generally hung out to dry.  These are printed out or stored in a file and used one at a time as the second factor when all else fails.  A supreme fallback.

   -- Owen

