Generate Shared Key For Google Authenticator
Apr 09, 2015 To use Google Authenticator in WinAuth, click on the button “Add” and select the option “Google.” This action will open the Google Authenticator configuration window. Here you need to enter the shared key given by Google to get the TOTP. Google Authenticator uses two algorithms: HOTP and TOTP which are described in RFC 4226 and RFC 6238. These algorithms generate one-time passwords (OTPs) based on the secret key. To generate OTPs a secret needs to be shared between the server and the client. The secret key usually displays in the form of QR code.
What is Google Authenticator?
The Google Authenticator is an app that utilizes two-factor authentication (2FA) services with the help of two algorithms. The first one is the Time-based One-time Password Algorithm (TOTP) and the other is the HMAC-based One-time Password Algorithm (HOTP). The algorithms are used for authenticating users of smartphone apps by Google itself.
The app gives users a 6-8 digit one-time password, which the users have to then type in addition to their login and password to log into Google. Inflow inventory license key generator. This applies to both Google services and other websites. Google Authenticator is also capable of generating passwords for third-party apps as well. This includes file hosting services and other software. The Authenticator was originally open-source, but its newest builds are not.
How do I use it?
Usually, you would install Google Authenticator on your smartphone. Afterward, any time you try to log into a website that two-factor authentication, you will supply your username and password to the website you're visiting. The Authenticator will generate another password, which is one time only. That same password will be separately generated by the website itself. Once you enter it you'll be able to browse as normal.
Sounds complicated, right? The way this works is the selected website will transmit a shared secret key to you via a secure channel, which will be stored in the Google Authenticator app itself. /kaspersky-internet-security-2014-activation-key-generator-download.html. You'll need this key for any and all future visits to the website.
The benefit of this whole process is that knowing your username and password won't be enough to hack your accounts. An attacker would also need to have physical access to your smartphone and the secret key itself. This drastically reduces the chances of having your security breached.
What if I lose my Google Authenticator key?
First of all, it's recommended that you change your Google account login and password to prevent hacks while you recover your key. Here's how that can be done.
Use a backup phone.
If you have a backup phone listed Google can send the codes to it in the event you lost your main one.
Sign in from your computer.
If you're logged into your Google account on your computer you might be able to disable the two-step verification until you can get back your verification key.
Get a new phone.
You may be able to get a phone or SIM card with the same number depending on your chosen carrier.
Fill out an account recovery form.
This is the hardest and longest step. It's generally a last resort.
- Sign in to your Google account.
- Navigate to the verification code page.
- Select 'More options'.
- Click 'Get help'.
- Then 'Request Google's help'.
Take your time to fill out the form. It will be based on the things Google knows about you, like when you created your account, which services you use etc. Be careful and be honest with each question.
English
Updated on November 5, 2019
Google Authenticator is pretty great. It allows me as an administrator to setup and configure multi-factor authentication into my UNIX boxes without having to spend money on a tool like YubiKey or RSA tokens. It’s easy to set up on any type of phone – no specialized hardware or dongles needed. It’s also pretty cool in that you don’t have to have network access from the server to the outside world. Since Google Authenticator is time-based, it doesn’t need to send an SMS or do a call out to a centralized server to get the current valid token.
We are particularly fond of Google Authenticator because we leverage it for our multi-factor auth within JumpCloud’s Directory-as-a-Service® platform. IT admins can set MFA access to the JumpCloud® user and admin consoles. Additionally, system level MFA can be instituted for Linux and Mac devices (Windows is coming soon!).
What is a bit painful, though, is having to have a different Google Authenticator token for every one of my servers. The standard setup would have you run the google-authenticator command on each and have as many tokens as you have servers. Obviously, this quickly becomes unwieldy and untenable.
Instead, I want to have one Google Authenticator token for multiple servers. Here’s how I installed and configured Google Authenticator on each system
First Machine
My first machine I’m going to installGoogle Authenticator and create a secret key – the exact flow I’d use normally.
1 – Install Google Authenticator. This is pretty well documented, examples atuntrusted connection and How-To Geek. I won’t walk through each step since this part varies from OS to OS – the rest of the steps are identical however.
2 – Restart the ssh service
3 – Run the google-authenticator command to generate a secret key for your account which you’ll store in your phone. This information will be stored in a configuration file that we’re going to get into later. I don’t need to comment that you actually have to enter the secret key into your phone, do I?
4 – Give it a spin. From another shell go ahead and try it out.
5 – Let’s take a look at the configuration file. We’re going to copy these contents to our other machines that we want to have the same secret key.
Installing Google Authenticator On Additional Machines
For all other machines I’m going to install Google Authenticator as normal, but I’m going to use the secret key from the first machine. This will let me log into each of them using that same secret key that I stored from the first machine.
1 – Install Google Authenticator. Again, other places describe this in detail. We’re going to install the program but not do the creation of any secret keys
Generate Shared Key For Google Authenticator Login
2 – Create the configuration file and add the content that we got from the other machine:
3 – Set permissions for the configuration file.
4 – Restart the ssh service.
5 – Test the login
Generate Shared Key For Google Authenticator Free
Voila! A shared Google Authenticator secret key across my servers! Happy day.