These days, using a two-factor authentication application is vital for account security. In this article, you will learn how Google Authenticator works.
Imagine a world where any novice hacker can easily monitor your every move, listen to your calls, read your text messages, and empty your bank accounts in minutes, all without needing to leave home and perhaps while living a continent away from you.
Of course, there is no need to imagine, because we have been living in such a world for a long time. The reason is the security hole in the protocol called SS7 (Signaling System No. 7), which all the countries of the world use in their mobile networks.
This article was updated with the addition of Google Authenticator setup for Twitter on May 9, 1402.
It was once thought that dynamic passwords sent via SMS offered the highest degree of security; however, with the help of the security hole in the SS7 protocol or other methods, hackers can gain access to users’ text messages and take control of their bank accounts and social network accounts using cryptography.
Therefore, cyber security experts devised a solution to replace codes sent through SMS. In this method, the dynamic password is no longer sent to the user; rather, it is displayed on the phone by an application, and the only way for a hacker to access this code is to access the phone physically.
Several applications have been developed to provide dynamic passwords or “two-factor authentication” codes, and fake applications are also found in abundance among them, especially now that Twitter is charging for two-step verification SMS and people need these apps more than ever.
If Twitter’s decision to charge for SMS codes has annoyed you, don’t be sad! One of the most reliable and straightforward two-factor authentication applications is Google Authenticator, which we will introduce fully in this article.
With this decision, Elon Musk reminded us why we should not have relied on this unsafe method in the first place! This article will show you how to use Google Authenticator so that you can keep using two-factor authentication to secure your Twitter account or all your social networks for free.
What is Google Authenticator?
Two-factor authentication (2FA), as the name implies, is a method in which the user must enter another factor, in addition to the usual password, to verify their identity when logging in to an online account or application. Cyber security experts divide authentication factors into three groups: 1- Something you know (e.g., password); 2- Something you have (for example, a mobile phone); 3- Something you are (for example, fingerprint or any other biometric method).
In the 2FA method, instead of one factor (something you know), two factors are required (something you know + something you have), namely a password and access to the phone, thus reducing the risk of hackers breaking into online accounts.
In simpler terms, two-factor authentication is an additional layer of security in which a unique code is displayed in a specific application on the user’s mobile phone or other smart device. This code, along with the password and username, is necessary to log in to accounts with 2FA enabled.
One of the best applications in this field is Google Authenticator, which is designed and published by Google and works with any website or service that offers two-factor authentication.
For example, all major social networks and websites, such as Twitter, Instagram, Facebook, Gmail, and cryptocurrency accounts, such as Coinbase and Binance, support 2FA. Enabling this method is critical to protecting these accounts.
The Google Authenticator app generates a six-digit one-time password renewed every 30 seconds.
The time limit of this code means that if a cybercriminal manages to gain access to your one-time use code somehow, this code is only valid for 30 seconds, and after this time, it will no longer be effective.
Google Authenticator and similar applications do not have any access to your accounts and do not establish a connection with the site in question after the initial transfer of the code. The application only generates codes, and for this it does not need telecommunication services or even the Internet. So, if you have no access to the Internet or your phone has no mobile signal, there is no need to worry; Google Authenticator will still show you the codes.
In addition, since the protocol used in these applications is based on the same standard, the code generated in Google Authenticator can be used to log into any account, including Microsoft or all social networks that support the 2FA method. In other words, these codes are not limited to Google products and apply to any website or service that supports 2FA.
How does Google Authenticator work?
Until the recent update, Google Authenticator offered only two simple functions, i.e., generating 2FA codes and exporting account information to another phone. Still, the export feature has been removed, and the backup of codes in the cloud has been added.
Working with Google Authenticator is very simple. Log in to your desired account with your username and password as usual. Then go to the section about enabling 2FA and scan the displayed QR code with the Google Authenticator app. With this, your account will be connected to the application, and from now on, to enter your account, you must enter the code that appears in the application.
For your convenience, we have explained how to activate 2FA for a Google account in a simple way. Other websites follow almost the same steps; you need to find the section about enabling Two-factor Authentication, which is usually located in the Security section of the account.
Even though enabling 2FA seems tedious, it’s best to allow it for every account you can.
If you do not do this, a hacker with access to your account password may do so. In this case, although it is not impossible to recover the account, it will certainly take you more time and may cause you a lot of trouble as long as the control of your account is in the hands of the hacker.
Backing up codes in the cloud can compromise the security of connected accounts.
For a long time, unlike other two-factor authentication applications, Google Authenticator did not back up 2FA codes in the cloud, in order to increase the security of user information. But this caused problems, because the only way to access the connected accounts was through the application on the same device on which you had first linked the accounts. If you could not access the phone, you could not enter your account.
Google currently does not use end-to-end encryption for 2FA codes!
But note that storing one-time codes in the cloud connected to your Google account can make you vulnerable to hacker attacks. If a hacker gets hold of your Google account, they can easily access all 2FA codes stored in it, as these codes do not currently support end-to-end encryption. We suggest not connecting your Google account to the application as far as possible; instead, install the application on another phone or get backup codes from linked accounts.
Google Authenticator application download link
The Google Authenticator application is available for both Android and iOS, and you can download and install it on your phone for free from the App Store or Google Play.
Installing and setting up Google Authenticator
The steps to set up the Google Authenticator application are very simple. After downloading and installing the application on your smartphone or tablet, you do not need to open the application.
1. First, using a computer or another phone or tablet, open the page for activating two-factor authentication (two-factor verification) or two-step authentication on the website in question and activate this feature. This feature is usually located in the Security section of the account.
2. After this step, look for the option to use the authenticator app and click on it.
3. When setting up 2FA, you’ll usually be prompted to scan a QR code; for this reason, you need another computer, phone, or tablet to enable this feature on your account. If you can’t access another device or your phone’s camera doesn’t work, you can show the setup key instead of the QR code.
4. Now open the Google Authenticator app. Click Get Started to be redirected to the “Setup your first account” page.
5. Select the setup method. This step depends on the website you plan to enable 2FA for. The QR code scan option is the most common setup method. If you encounter a QR code while activating the 2FA method on a website, select the Scan a QR code option on the application.
6. If you come across a string of letters called “setup key,” select Enter a setup key from the application.
7. Now scan the QR code displayed on the website with your phone.
8. For the Enter a setup key option, choose a desired name for your account and enter the key manually in the bottom bar. Then, press the add button.
9. The intended account will be connected to the Google Authenticator application after verification.
10. From now on, you will see a six-digit code whenever you open the application. This code is required to complete the login step to the connected account. Note that this code changes every 30 seconds. If the digits displayed in the application change while you are typing the code, delete what you have typed and use the new code.
11. To add new accounts to the application, press the “+” button at the bottom of the page and select Scan a QR code or Enter a setup key.
12. If you want, you can activate the ability to back up codes in the cloud by logging into your Google account in the application. With this feature, you no longer need to worry about losing your phone and, as a result, completely losing access to the accounts connected to Google Authenticator. But be careful that this may jeopardize the security of your accounts, so activate this option responsibly.
How to use Google Authenticator for a Google account
Perhaps the most crucial account for which you should activate 2FA today is your Google account. Because you have probably used your Gmail address to create an account on many websites, hacking your Gmail account also endangers the security of the accounts connected to it. Here, we explain the steps to enable two-factor authentication for a Google account. Other accounts follow more or less similar steps.
1. First, enter the Security section of the Google website and select the Authenticator option.
2. The new window will ask you to download the Google Authenticator application from Play Store or App Store and click the Set up Authenticator option.
3. Open the Google Authenticator application on your phone and scan the code displayed in the new window by selecting the Scan a QR code option. If you can’t scan it, choose the Can’t scan it option below the QR code. In this case, select the Enter a setup key option in the application and enter the displayed code manually.
4. In the new window, enter the six-digit code displayed in the application and click on the Verify option.
5. This stage will tell you that the authenticator application has been added to the Google account.
6. As you can see, the Authenticator option is activated for your Google account.
Two-factor authentication is now enabled for your Google account. From now on, if a hacker with your password tries to enter your Google account, in the next step he needs to open the Google Authenticator application and enter the six-digit code generated for your account. Because the hacker, fortunately, does not have access to your phone, he cannot enter the account.
Set up Google Authenticator for Twitter account
Some time ago, Twitter upset users who didn’t want or couldn’t pay for the Twitter Blue service by announcing that two-step verification via SMS would be paid for. But the fact is that this is good news because, as we explained, the security of sending the code via SMS is deficient; using 2FA applications such as Google Authenticator, Authy, or Microsoft Authenticator is better. What’s more, these apps are entirely free to use!
The following will teach you how to set up Google Authenticator for your Twitter account.
1- Open the Twitter website on your desktop or its application on your phone.
2- Click on the three dots on the sidebar on the left side of the screen and then select Settings and Support > Settings and Privacy.
3- Click on Security and account access > Security > Two-factor authentication.
4- Select the Authentication app option, and enter your Twitter account password in the next step.
5- Click on Get Started. In the next window, you will see a QR code.
6- Now open the Google Authenticator application on your phone, select its QR code scanner, and scan the code on the computer screen. Thus, your Twitter account will be connected to the application.
7- Go back to the Twitter website. Click Next, enter the six-digit application code, and click Confirm.
8- Twitter will provide a one-time backup code in the next window. Be sure to write down this code somewhere so you can still access your Twitter account if you don’t have access to your phone or application.
Advantages of using Google Authenticator
Although not all websites support two-factor authentication, enabling this security feature on any website that supports it is a good idea. This will add a step to logging into your online accounts, but remember that by doing this, you are protecting your account from being misused by hackers. If you don’t want to enable this feature for all your accounts, we recommend enabling it for your email accounts. Most of your accounts will be safe if your email security is not compromised.
Using Google Authenticator dramatically increases the security of your sensitive information because it eliminates sending a code via SMS that hackers can read. In addition, this application does not need a mobile signal or internet connection to create codes and also works in airplane mode. As you can see in this article, it is straightforward to set up and use, and with a few simple steps, you can make it almost impossible for hackers to access your accounts.
If you still doubt the importance of this security method, it’s better to read what happened to WIRED senior writer Mat Honan in 2012, when his entire digital life was destroyed in an hour. First, his Google account was hacked and completely deleted, and then his Twitter account. In the end, hackers entered his Apple ID account and remotely wiped his iPhone, iPad, and MacBook.
The reason this happened was that all these accounts were connected.
By logging into Honan’s Amazon account, the hackers obtained his Apple ID account information and entered his Gmail, allowing them to access his Twitter account.
According to Honan, if he had enabled two-factor authentication for his Google account, none of these things would have happened, because the primary goal of the hackers was to obtain the three-letter username of his Twitter account, and the information in his other accounts was deleted to prevent him from regaining control of his Twitter.
It has been a decade since 2FA was made available to all internet users, but many people still settle for the same simple password, which most of the time is 123456, and even use the same password for several accounts. Such bad habits can easily compromise users’ cyber security and sensitive information and make the life of hackers extremely easy. Enabling two-factor authentication with apps like Google Authenticator is a surefire way to prevent hackers from accessing your accounts.