[kwlug-disc] Google with TOTP
Chris Irwin
chris at chrisirwin.ca
Sun Jun 19 22:16:44 EDT 2022
On Sat, Jun 18, 2022, at 17:19, Khalid Baheyeldin wrote:
> That leaves app passwords as the other practical way for a server application. How
> often do these need to be refreshed? If it is also a week, then that is a big bummer
> moment ...
They do not expire.
They *can* be manually revoked. But otherwise they persist until you revoke them.
>
> And on the Google account level, you mentioned that TOTP works. I think I will use
> that as my 2FA for the overall account, since I can run it on Android (FreeOTP+),
> my laptop (oathtool), and the server (oathtool).
I've been using andOTP on Android. Also open source, but I liked the tags and interface more. I have 62 TOTP codes, so I need some sort of organization for them. Also, this is why I also generally prefer u2f/webauthn/yubikeys (they're also harder/impossible to phish).
I import my andOTP backup into the GNOME app "Authenticator", which works okay. Unfortunately it merges when restoring a backup, so I have to delete all codes in Authenticator before importing an updated andOTP backup...
--
*Chris Irwin*
email: chris at chrisirwin.ca
web: https://chrisirwin.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20220620/6047fc10/attachment.htm>
More information about the kwlug-disc
mailing list