At the top of the browser, enter: g.co/verifyaccount. Sign in to your Google Account on the new device. Below the QR code, choose Try another way. The answer is: create a password without ever letting the user knowing it! so what's the point in having another password that can be cracked in the same manner? OTP-based 2-steps authentication - the 2nd step:Ī password created by the user can be cracked in many ways. How do you do it? never ask the user for the password, instead ask for a "proof" the user has the password! but then. isn't having the proof equivalent to having the password? no, because each "proof" is time-limited, and only valid for a small time-frame (30 seconds). To wrap it up: code the secret as a QR code to allow transferring the secret to a secondary device easily and without explicitly exposing the secret to the user, and create a utility that calculates a temporary "proof", given the secret and the current time. while the "secret" of the 1st step is a password chosen by the user and has all the associated vulnerabilities (and the user is required to ^explicitly^ expose it periodically), the secret of the 2nd step is only stored on the secondary device, so it is exposed only for the initial setup of the process. Of course, there are ways to bypass that as well, but that's way safer. Oathtool -totp -b #YOUR_GOOGLE_AUTH_SECRET calculating the current OTP based on your secret.install OAuth toolkit: (e.g., using Homebrew).the coded string should be something of the form: otpauth://totp/?secret=.Configure authenticator app to get the QR code and scan it (easiest way would probably be with an app on your phone.).Login to Google on your computer and enter your account settings > Signing in to Google > 2-Step Verification (exact directions may change over time.).if you still don't care, read on :) Generating OTP token from your computer Doing it manually are you keeping the QR code or the secret somewhere in your inbox? that kind of nullifies the "2 factor" idea. If anyone has instructions for other OS, you are welcome to contribute.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |