[kwlug-disc] Google with TOTP
Khalid Baheyeldin
kb at 2bits.com
Tue Jun 14 16:03:08 EDT 2022
On Tue, Jun 14, 2022 at 3:10 PM Chris Irwin via kwlug-disc <
kwlug-disc at kwlug.org> wrote:
> On Tue, Jun 14, 2022, at 17:15, Khalid Baheyeldin wrote:
>
> So TOTP with Google was not an option, because they require you to give
> them
> a phone number and they send an SMS to it (at least initially).
>
>
> They probably require that initially for simplicity's sake since that is
> the most universally accessible option. However, it isn't required, at
> least at the end.
>
That is good to know ...
> My google account has the following second factors configured:
>
> * Multiple physical security keys (on me, safe backup)
> * TOTP (which, upon review, maybe I'll disable. I don't it)
>
Now that I think about it, I don't recall how TOTP would work with server
applications like getmail.
Would one generate an app password and use it? When does it expire, if at
all?
* Backup Codes (PDF in my encrypted safe storage)
> * Android prompt (which requires me to unlock my device)
>
That last one is inconvenient, since it also requires that your Android
device have internet access.
I am in the minority here, since I don't have mobile data anymore.
> I specifically have SMS disabled as it is the least secure second factor.
>
Again, good to know it is not needed.
--
Khalid M. Baheyeldin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20220614/b6c29e48/attachment.htm>
More information about the kwlug-disc
mailing list