It’s great to depend on Google’s authentication system to confirm your identity on an online application’s website - until it doesn’t work. If you’ve ever been locked out of your own life, here’s how to work around that conundrum.

The authentication process is a little hard to explain, so let me give you an example to show why it matters. Let’s say your old cell phone died and you bought a replacement. After you restore all your apps and your contacts, you are ready to return to your normal routine. You sit down at your computer and go to log into your Dropbox account. Because you previously enabled two-factor authentication using Google Authenticator, Dropbox prompts you to open the Google Authenticator app (available for both Android and iPhone users) on your phone and enter the code it shows you.

Whoops! Although the Google Authenticator app was restored to your new phone, the settings were not - and now you can’t log into your Dropbox account.

To understand the nature of the problem - and the solution that just quit working - let me explain what 2FA is and why the applications you depend on use it.

What’s This Authentication Stuff, and Why Should I Care?

Basically, two-factor authentication (2FA) is a common practice to guard against password theft. By insisting that you use two ways to say, “Really, it’s me!” the web application provides the equivalent of adding a dead bolt to your front door. Even if a thief steals your account password, he also needs the 2FA - an additional bit of information - to gain access.

There are several ways for security experts to implement 2FA on a website, and you probably have encountered most of them. For example, you may be asked to choose a picture that is displayed every time you log in, which reassures you that you reached the correct website and not a phishing site. Other websites send a code in a text message that you must enter to proceed. The downside is that text messages are easily hacked; nonetheless, it’s a common type of 2FA.

The most secure 2FA is considered to be token-based authentication. One of the earliest token-based authenticators was designed by RSA Security; it consisted of a keychain fob with an LCD screen that displayed a code that changed every 10 seconds.

Which leads us to Google Authenticator, an app that provides token-based 2FA to website developers. It uses the Time-based One-time Password Algorithm (TOTP) and the HMAC-based One-time Password Algorithm (HOTP), which are specified in RFC 6238 and RFC 4226 respectively.

When you create an account with an online application that uses Google for its authentication - let’s pretend it is the ABM File Service - you are prompted to create a passcode or other token to say, “Yup, that’s me!” The ABM File Service displays a QR code that you scan into the Google Authenticator app. The Google Authenticator app uses the information embedded in the QR code to generate the token that, when you visit the website later, permits you to log in.

As you saw in the example, each website that uses the Google Authenticator app for 2FA needs to be configured on your phone - and this is how you could be locked out of one of your accounts. When you get a new phone, you need to set up each site in the app again. The problem is: the Google Authenticator does not have a method to create a backup of the sites you set up in the app. It’s like you left the key to your house in your other set of pants, and then you gave that other set of pants to Goodwill.