Thursday, November 3, 2016

Surprise-and-Delight Security

Why Two-Factor Authentication?

I won't belabor the arguments in favor of it -- because they're many, and starting to get overplayed -- but the bottom-line is that some things need to be more secure than just a password is going to provide. Among those are some of the things I use for work, so I've been using two-factor for quite some time at my employer's behest.  However, I'm starting to want to move it into other parts of my life as well, but convenience has been a barrier to entry.  Incidentally, I also not really the sort of person who's really into product testimonials, but in this case, I feel compelled to make and exception both because of how overwhelmed I am by the simplicity and convenience of this app and its potential to make a lot of people's lives more secure comparatively easily.

You see, I live in an area where cell coverage inside my home, in particular, can be spotty at best. And the traditional two-factor implementations I've worked with have often depended on SMS.  Needless to say, I became curious when a colleague mentioned the successes he'd had with the Google Authenticator mobile app (which our company also accepts), so I was eager to give it a go.

I Installed Google Authenticator

Like most Android apps, downloading and installing it took a mere couple of minutes from the Play Store; so far, so good.  Configuring it to work with my work account was a matter of seconds; even better.  Using it in place of the codes I *used* to get from SMS was faster than waiting for the signal; this was turning into a major win already.

And THEN, I found the real magic....

Surprise and Delight!

What they didn't really talk about in the app description -- and what my co-worker was unaware of -- was that Authenticator automatically also installs a bundled Android Wear client if you have a Wear device managed by your phone.  So, not only was it more convenient than waiting for the SMS, but I don't even have to have my phone out to use it: I can get the second-factor code just by swiping left on my watch (LG G-Watch R) and opening the app on my *wrist*.  So as far as I'm concerned, they've conquered the biggest obstacle to two-factor security, namely convenience, in a massive way.

No comments:

Post a Comment