DMThis is not an exclusively Android review. Authenticator is one of my favorite apps simply because of the added security it provides for my Google account.
Authenticator is used in conjunction with Google's two-step authentication. For those who do not know, two-step authentication provides an added layer of security. When you log into your Google account (whether through Google+ , Gmail, etc.), Google will then ask for a code. This code comes from your phone via the Authenticator app (there are other ways to get the code, but those do not involve Android). After you enter the code, you will have access to your account.
This seems like a hassle, so why would anyone use this? Two-step authentication is used by many banks as an extra means of security to prevent people from accessing your account. The same works for your google account. If your password is stolen or compromised, your account will still be inaccessible because there would be no way to access the second code displayed in your Authenticator app.
Every time one of my friend's gmail accounts is hacked, I recommend two-step authentication. It is well worth the extra few seconds it will take to enter the second code to make it infinitely more difficult for your account to be compromised. For more information on two step authentication see Google's help page here. For Authenticator on the market click here.
I will never run my Google account without two-step authentication again, and neither should you.
Update:
After posting this, I had a good discussion with one of the most knowledgable people I know when it comes to the Eris. He mentioned some concerns he had with switching ROMs on the Eris. Here is the conversation:
DM: I did try out Authenticator with the Eris, but the major problem that I had with it was that I was wiping data on the Eris itself far too often that it made its use a hassle. I may try it out again, now that I've stabilized use with the new phone.
Also, Lastpass now supports Authenticator for two-pass authentication, so that makes Lastpass even more secure.
Me: I found that I could restore the app's data with Titanium, otherwise this would have been a major problem for me as well. You do have to create a new password for the phone each time you wipe data, but I find that to be worth it for the added security. I've seen too many people get hacked.
DM: The issue wasn't the authenticator app itself - it was when I activated the Google account on the phone, I had to consult (I think - I can't recall) a list of one-time use passwords or something, rather than my account password. I always worried that I would have some sort of issue with the phone out and about, need to Nandroid restore another ROM or wipe data, and not be able to activate the phone.
Me: Good point. A restore on the go would be a problem.
This is something to keep in mind if you are rooted and like to switch ROMs a lot, especially if you do it when you're out and about with no access to a computer.
hey totally off-topic question to this post! but do you know where or if possible to download 3.0 on a Droid Eris!?
ReplyDeletesorry, I just don't have time to search google for it, and was hoping you may know!
ReplyDeleteby the Way, sorry for all the comments im using Wi-Fi and its got low signal! nice blog tho :) check mine out http://hckdos.blogspot.com
ReplyDeleteVery well put.... I'll be checking in on this blog more often.
ReplyDeleteWell, I was able to solve my problem rather quickly. Earlier this week I had to get a replacement phone and before leaving I just turned off two-factor authentication, set up the Google account on my phone, and then turned it back on again when I returned home. And, if something like this happened in a place where I was somehow not able to get online with a PC, I do have a printed list of one-time use passwords in my wallet.
ReplyDeleteI also did set up two-factor authentication with Google Authenticator on Lastpass as well, so now whenever I log in to Lastpass on a foreign computer I'll have to type in the authenticator code as well.
I join you in strongly recommending this to others. (I am the DM referenced above, BTW).