If you are already using a phone app to generate one-time TFA codes for some accounts then you’ll need to generate new secrets for those accounts (and update the info in the phone app) so that you can capture the secret as a text string. If the server cannot provide a text string equivalent of the shared secret then you cannot use authenticator to generate one-time codes for that account.Įach account will use a different secret, a different text string. It needs the secret in the form of a text string. Typically this secret is generated by the server and captured by the client in the form of a QR code that can be scanned by the client app on your phone.īut this CLI utility doesn’t have the ability to capture or process QR images. TFA/MFA clients that produce a ‘one time’ numeric code require a secret that they share with the server validating the authentication. If my phone bricks, is lost or stolen, I can still get access to my TFA-protected accounts if I can access any of those other computers, or any other computer on which I can install and run authenticator and access a copy of my accounts file. I keep a copy of the accounts file in a variety of places. Personally, I use both Google Authenticator on my iPhone and iPad, and run authenticator on several different computer systems. The benefit of using authenticator over a phone app is that this CLI utility can run anywhere Python 3.5 can run from a command line interface (e.g., a terminal window), and the database of accounts and secrets is a platform-independent passphrase-protected encrypted file that can be backed up and can be copied to multiple systems without fear of bad actors gaining access to the second factor authentication.Īnother benefit is that authenticator can act as a backup in case you loose your phone or tablet (running Google Authenticator) or Google breaks the app or withdraws it. It is a TOTP/HOTP client that can generate the numeric codes needed for authentication with sites that support Two-Factor Authentication (TFA) or Multi-Factor Authentication (MFA). Note that this will invalidate the codes generated by previous device.Authenticator is a CLI analog to the Google Authenticator phone app, or the LastPass Authenticator phone app. Under such circumstances, if you are going to switch to a new phone or wipe your phone, you should use the update option to generate a new QR code to scan: Unless you are using an authenticator app that syncs the secret key into the cloud or supports exporting the secret key, the generated codes are specific to the device and can't be transferred.Going forward, Stripe will request a code when you sign in. Write down the backup code shown and store it in a safe place.Confirm the code that is shown on your device to finish the setup.You will be asked to scan the barcode on your screen with your mobile device’s camera. Click Add authentication method under the Two-step authentication section.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |