Authenticator Apps

Alwyn · Apr 29, 2024

Patient Access is used in the UK to book GP appointment. It now requires us to use third party authenticator apps. I have set up the Google Authentication App but it says that I have to verify using YouTube app. I have the YouTube app but there’s no message coming up on it.

IWT · Apr 29, 2024

From my reading, Google Authenticator is only available for iPhone and iPad. Not available for Mac Computer. I guess you knew that already, but others reading this might not know.

‎Google Authenticator

‎Google Authenticator adds an extra layer of security to your online accounts by adding a second step of verification when you sign in. This means that in addition to your password, you'll also need to enter a code that is generated by the Google Authenticator app on your phone. The...

apps.apple.com

‎G2FA for Google Authenticator

‎Google Authenticator is one of the most popular One Time Password (OTP) generators for Two-Factor Authentication. Unfortunately, Google Authenticator is only available on mobile devices such as your iPhone and iPad. G2FA offers the same capabilities right here on your Mac. And just like the...

apps.apple.com

This video might help as well???

Sorry I can't be more helpful.

Ian

ferrarr · Apr 29, 2024

You may need to sign in to YouTube, to receive the authorization. Do you have gmail?

Raz0rEdge · Apr 29, 2024

I think you are misunderstanding the YouTube reference. It's likely saying to use a YouTube video to validate you've setup the app properly. You don't use it for authentication.

There are a handful of authenticator apps like Google Authenticator, LastPass Authenticator, Authy, Okta Verify and so on. Google Authenticator is definitely the weakest of the bunch.

I'd actually recommend that you use LastPass or Authy for one particular reason. As part of the authenticator app setup, once things are done, you'll be given an option to download/save about 6 permanent codes. You should grab them and store in a secure location as these codes bypass the 2FA.

Now if your phone were to ever break or app stops working, these codes is how you get back in.

However, if you do transition to a new phone, the problem with Google Authenticator is that it doesn't save anything anywhere other than your phone, so you have to go and re-do the setup on every site.

LastPass and Authy, on the other hand, have a user account that backs up all of your codes so you can move from device to device and get them all back without losing access.

You should still always grab the permanent codes from sites and save them, and as mentioned do not put them in a publicly accessible location as that defeats the 2FA entirely.

Now, as far as notifications go, a handful of apps support 2FA through their own app, like the GMail app. But this is very specific to a site that has it's own app and so on. Since this isn't that situation, it doesn't apply. And YouTube doesn't have it's own authentication, it comes under your Google account umbrella.

IWT · Apr 29, 2024

Excellent summary, Ashwin. I think it is still a slightly awkward and uneasy concept for people to grasp first hand. I include myself in that category

Your comments make clear sense.

Ian

Raz0rEdge · Apr 29, 2024

Ian, and that reason alone most sites end up relying on SMS based 2FA which is very easily bypassed. The authenticator based app is bit more secure, but it is indeed a bit more involved and as I've noted my my previous post, if you don't use the right app and don't save the codes, you might end up locking yourself out and that's annoying.

Alwyn · May 3, 2024

Raz0rEdge said:
I think you are misunderstanding the YouTube reference. It's likely saying to use a YouTube video to validate you've setup the app properly. You don't use it for authentication.

There are a handful of authenticator apps like Google Authenticator, LastPass Authenticator, Authy, Okta Verify and so on. Google Authenticator is definitely the weakest of the bunch.

I'd actually recommend that you use LastPass or Authy for one particular reason. As part of the authenticator app setup, once things are done, you'll be given an option to download/save about 6 permanent codes. You should grab them and store in a secure location as these codes bypass the 2FA.

Now if your phone were to ever break or app stops working, these codes is how you get back in.

However, if you do transition to a new phone, the problem with Google Authenticator is that it doesn't save anything anywhere other than your phone, so you have to go and re-do the setup on every site.

LastPass and Authy, on the other hand, have a user account that backs up all of your codes so you can move from device to device and get them all back without losing access.

You should still always grab the permanent codes from sites and save them, and as mentioned do not put them in a publicly accessible location as that defeats the 2FA entirely.

Now, as far as notifications go, a handful of apps support 2FA through their own app, like the GMail app. But this is very specific to a site that has it's own app and so on. Since this isn't that situation, it doesn't apply. And YouTube doesn't have it's own authentication, it comes under your Google account umbrella.

Thanks for your helpful advice.

Alwyn · May 3, 2024

Raz0rEdge said:
I think you are misunderstanding the YouTube reference. It's likely saying to use a YouTube video to validate you've setup the app properly. You don't use it for authentication.

There are a handful of authenticator apps like Google Authenticator, LastPass Authenticator, Authy, Okta Verify and so on. Google Authenticator is definitely the weakest of the bunch.

I'd actually recommend that you use LastPass or Authy for one particular reason. As part of the authenticator app setup, once things are done, you'll be given an option to download/save about 6 permanent codes. You should grab them and store in a secure location as these codes bypass the 2FA.

Now if your phone were to ever break or app stops working, these codes is how you get back in.

However, if you do transition to a new phone, the problem with Google Authenticator is that it doesn't save anything anywhere other than your phone, so you have to go and re-do the setup on every site.

LastPass and Authy, on the other hand, have a user account that backs up all of your codes so you can move from device to device and get them all back without losing access.

You should still always grab the permanent codes from sites and save them, and as mentioned do not put them in a publicly accessible location as that defeats the 2FA entirely.

Now, as far as notifications go, a handful of apps support 2FA through their own app, like the GMail app. But this is very specific to a site that has it's own app and so on. Since this isn't that situation, it doesn't apply. And YouTube doesn't have it's own authentication, it comes under your Google account umbrella.

Thanks Ashwin for your helpful advice. Colin.

Rod · May 3, 2024

I'd recommend Authy. I use 4 autheticators myself. One of our banks has one, Microsoft has one, the Australian social services dept has one even my Password Manager offers a random password generator. All of these are free and any will allow you to add any new sites/services that offer this form of 2FA.
Apple has offered the same option in the Passwords app since iOS 15 see here;

How to use iOS 15 2FA code generator and autofill - 9to5Mac

This detailed guide covers how to set up the iOS 15 2FA code generator and autofill on iPhone that makes password management more seamless.

9to5mac.com

Rod · May 3, 2024

I should add, all these authenticator apps require a smart phone. To my knowledge only my password manager and perhaps Apple's Passwords app will work independently on a computer.

From my point of view authenticators are much better than One Time Passwords (OTP's) sent via SMS as they are device specific rather than phone number specific which means they work overseas or with a different SIM card in the phone.

Raz0rEdge · May 3, 2024

Rod said:
I should add, all these authenticator apps require a smart phone. To my knowledge only my password manager and perhaps Apple's Passwords app will work independently on a computer.

Authy used to have an app that worked on desktops (Mac and Windows) but got rid of it. I think using a separate device than what you are using to login adds an extra layer of security.

If someone were to get your device and compromise your password, if the 2FA app is also available on that device, it's nearly impossible to prevent anything. However, even if the laptop is stolen, you might have your phone to prevent access.

Rod · May 3, 2024

I agree, although I'm not sure how Apple Passwords works for this function. My guess (because I haven't tried it) is you would have to verify your Apple ID with a "trusted" device before accessing Passwords 2FA on a Mac. So, you still need an iPhone.

IWT · May 4, 2024

Rod, I'm in no way trying to usurp your excellent Post #9, but just thought that a more recent Apple article about one-time verification codes for iOS 17. (rather than 15) might help??

Automatically fill in one-time verification codes on iPhone

iPhone can automatically generate verification codes for websites and apps that use two-factor authentication.

support.apple.com

Ian

Authenticator Apps

Alwyn

IWT

‎Google Authenticator

‎G2FA for Google Authenticator

ferrarr

Raz0rEdge

Well-known member

IWT

Raz0rEdge

Well-known member

Alwyn

Alwyn

Rod

How to use iOS 15 2FA code generator and autofill - 9to5Mac

Rod

Raz0rEdge

Well-known member

Rod

IWT

Automatically fill in one-time verification codes on iPhone

Shop Amazon