Awkward commercial concepts from the 80s.
Today I enabled two-factor authentication for logging into Google. I've been reluctant to because it feels a little overly complicated for what they're trying to achieve, but I had an issue with people accessing my account in the past, so I might as well try to be more secure for the future. The idea is that you have your password and separate code to log in. Your password you remember, the code is something Google gives you, generally by your phone. The code expires after use (but you can let a machine/browser be trusted after using a code, so you won't need a code on it again), so someone would have to be able to get a new code to crack into your account. The code is typically sent to you through a phone (they can even give it to you via a voice call to a landline instead of a text message to your phone).
One problem of course is that a lot of applications don't support it. To that end, you can request unique passwords for each application that needs to authenticate to Google. That has been the most annoying part. As soon as I changed to two-factor authentication, three different applications popped up password dialogues on my machine complaining that the old one didn't work. I presume I'll be generating one-time passwords for a little while now, but for now I have Empathy, Evolution Calendar and Evolution Mail working again. I can finally send mail from my desktop again (broken for like a year), and for now, Empathy seems to not be randomly refusing to connect any more (only started with Fedora 17, but I think that was a problem with GNOME Keyring and old passwords saved there).
Keine Kommentare:
Kommentar veröffentlichen