multi-factor-auth interview questions
Top multi-factor-auth frequently asked interview questions
I logged in to GMail with two-factor authentication and mistakenly left the "Remember this computer for 30 days" option checked.
I'd like to erase the authentication token, so on the next log in it'll still prompt for the temporary code, not just for the password.
Can this be done in other ways than deleting cookies?
Source: (StackOverflow)
Is it possible to use application-specific passwords on Google without going through all the hassles of the 2-step verification authentication?
What if I don't want to tie myself to a phone number on a PSTN, but still want to have some application-specific passwords?
Source: (StackOverflow)
I have three separate Gmail accounts and I'd like to use two-factor authentication on all three. Unfortunately, I do not have three cell phones on which to install the app.
Can I somehow use two-factor for three different accounts on the same cell phone?
Source: (StackOverflow)
I have recently discovered that login approvals on Facebook is no longer available:

Compare this with @gravity's screenshot from this answer:

Is there anything special that I'll have to ask my friend to do to get Login approvals? Or is this something which Facebook has disabled? Can I enable it?
(Note: I do have Login approvals enabled and I think it's because I started using it before the feature was disabled/removed.)
Source: (StackOverflow)
How can I add a second device to a Google account to generate the one time password with?
I have added my iPhone (with the Google Authenticator app) during the 2-step verification setup wizard but I also want to add my iPad.
I can't see any options to add another device in my Google account 2-step verification section nor could I find any hints by searching the Google account help.
Source: (StackOverflow)
It looks like Google's two-factor authentication has switched to using long-expiration cookies for remembering "trusted" user agents, instead of the 30 day expiration previously used. This seems somewhat less secure because I now have to remember to manually deauthorize computers that I haven't used in a while.
Is there any way to restore the 30 day limit, short of some browser extension that automatically adjusts the cookie expiration date?
Source: (StackOverflow)
I read in the NYTimes that PayPal supports two-step verification, but I can't see where to set it up. How do I set up two-step verification in PayPal?
Source: (StackOverflow)
I use Google's two factor authentication to send my phone text messages with a string of 6 numbers every time I log into a computer that isn't mine. It has worked well so far until today.
Today, I took too long to enter the code, which would be fine normally... except I clicked through faster than I should have and realized shortly after that the "trust this computer" box was checked the second time through. I took a look through the options for my Google account and saw no obvious place to revoke the trust.
This is absolutely not a computer I want trusted for any extended amount of time.
How do I untrust a computer from Google's two-factor authentication?
Source: (StackOverflow)
I am the admin of a Google Apps domain. I created a brand new user account. I tried to sign in as that user (in a new browser) and it told me that "Your organization's policy requires you to enroll in 2-step verification. Please contact your administrator for more information." And then prompts me for a code.
How on earth would this brand new user have a code if they have never logged in before? Furthermore, when I look at this user's account info from the domain admin panel, it says that 2FA is turned OFF.
Clearly when I try to log in as this user it is not off since it's prompting for a code. There seems to be no way to access brand new accounts since it's requiring 2FA codes, but you can't get 2FA codes until you can log in to the user's account and turn it on & set it up!
Source: (StackOverflow)
Google's support page at http://support.google.com/accounts/bin/answer.py?hl=en&answer=185839 states that if I set up two-factor authentication from my Android device, it will offer me a chance to install Google Authenticator and set two-factor authentication up without needing to give a phone number.
However, when I try this on my Nexus 7, it tells me to use a computer — and that only offers me options of an SMS or a voice call, both of which require me to give Google my phone number.
I've run this account since gmail.com was launched without a phone number attached, and I don't want to give my number to one of the world's largest advertising companies!
The gmail account is not my primary email account, and nothing important or secret goes through it, but I still don't want it getting hijacked.
Is there a way around this that doesn't involve spending money on burner SIMs? (nb: I'm not in the US, so please don't suggest Google Voice :)
Source: (StackOverflow)
I use Google's two-factor authentication, because I know that access to my email account is the skeleton key to all my other accounts.
And... it's pretty annoying - I'm frequently swapping computers and other devices, and use a lot of native apps that need access to my google accounts, but I know it's the least I need to do to protect my email, since it's the only thing between me and ne'er do wells who might want to reset my Netflix password and stream bad movies that could muck up my recommendations.
The primary way to get the login code you need (in addition to your password) for Google's two factor auth is through the Google Authenticator app that you can install on your phone.
But, if you don't have it installed, or it's not set up, or something else goes wrong, they'll send you the code via SMS, which is presented as more of a backup method. Which brings me to my question. Assuming I'm comfortable with the security of my SMS communication:
Isn't SMS a better way to get the codes, at least from a convenience perspective?
If I disable authenticator (triggering SMS codes), whenever I need a code, it's instantly pushed to my phone, with no actions from me, and appears on any screen I'm on. I'm done.
With Authenticator running, I have to unlock my phone, open authenticator, pick the right code (I have two Google accounts), hope the code's not about to expire (the text sends one that's "fresh"), etc.
I completely understand that SMS is slightly less protected: Someone who has my phone (and presumably my password), but can't unlock the phone can see the SMS notifications, but couldn't open Authenticator. But that's a long shot. There's also the fact that services like iMessage push SMS to other devices, like Macs, iPads, etc. But again, assuming that I'm good with my control of access to my SMS:
Is there any reason to use Google's App vs. just getting texts?
Source: (StackOverflow)
I accidentally checked (or did not uncheck) the "Do not ask for 2FA on this PC again" field when I logged into Gmail on a PC that isn't mine.
Is there any way to reset this setting? I looked around in settings without finding anything.
Source: (StackOverflow)
I've got a Bitbucket account I set up using a username / password. At the moment Bitbucket doesn't allow you to have 2-step authentication on your account, so I want to change my Bitbucket login to be able to log in with my Google account (which does have 2-step auth). Does anyone know if this is possible?
Source: (StackOverflow)
I have set my Google account for 2-step verification through the phone number. But when I check the "Don't ask for codes again on this computer" option, it doesn't work, and every time I want to post a comment on YouTube, it gives me the 2-step verification page again! Can it be changed somehow?
Source: (StackOverflow)
I have four Google accounts and in two of them I use Docs regularly. But I can't switch accounts in Google Docs (in Drive I can):

as you can see all other accounts are disabled. On some pages it tells me I must sign out of other accounts first. Why? Is there a way to avoid that? I can't use incognito mode since I use two-factor authentication.
Source: (StackOverflow)