Monday, March 4, 2013

Security Conscious: Google Two Factor Authentication with 3rd Party Sites

I'm sure many of you are aware that Google offer an option to enable two-factor authentication in order to access their services. If aren't familiar with the system, or simply haven't enabled it on your account(s) already, then I strongly recommend that you read Google's guide on the subject and enable it for any accounts you may have registered.

I have been using the two-factor authentication mechanism for some time now in conjunction with Google's own Authenticator app. One particularly nice feature is that if you have the Barcode Reader app installed, you can quickly configure the reader for each of your accounts by scanning a QR code generated during the set up.

But Wait... There's More!

I recently logged into my Dropbox account in order to remove some devices that I no longer used and I noticed that there was an option to enable two-factor authentication. At first I thought it would consist of a message sent to me (via email or SMS) whenever I attempted to log in, but I discovered I was able to use the Google Authenticator app here too; I simply scanned the QR code when presented, input the code displayed on my phone and my account was secured!

It didn't stop there either; I was also able to secure my Guild Wars 2 account using the exact same method! I wonder if there are any other services/companies out there using this authentication mechanism that I may have missed? I know that Blizzard now offer their own free app to authenticate to Battle.net, but I'd rather have a single app to install.