![]() Palacio also noted that while most people aren’t aware of this, RSA Security - one of the leading two-factor authentication services for enterprise companies - has long offered a desktop application. “What really matters, is that it is something only you can have.” ![]() “Two-factor authentication is still valid regardless of whether the second authentication factor ‘you have’ comes from your cellphone, your tablet, or right from a desktop app in your laptop,” the company writes in a blog post today. Instead of typing in a code, you can just copy and paste it from the desktop app. For those users who don’t have a smartphone, this also provides an easier alternative to the usual SMS messages services like Authy utilize to send their codes.īy switching to the desktop app, your phone only becomes important when you log in to another computer that is not under your control.īut doesn’t that defeat the purpose of a two-factor application? Authy - unsurprisingly - claims it doesn’t. This approach allows the same app to run on Windows, Mac and Linux.Īs the company’s founder and CEO Daniel Palacio told me last week, being able to get your second factor from your desktop and laptop makes for a far more seamless user experience. While it uses Chrome’s app framework, it’s a completely stand-alone app, though, and you don’t need to run Chrome to use it. Authy for Desktop is now available as a Chrome app here. This makes sense, given that you want to ensure that nobody who has access to your computer also has access to the application that provides you with your second key for accessing your private accounts.Īuthy is turning this idea on its head today by launching a desktop app for its two-factor authentication service. Users who installed the Chrome add-on will receive a warning that the software has been disabled at Google's end.When you use two-factor authentication, chances are you are getting your second factor from a mobile phone app like Google Authenticator or Authy. Google declined to comment on the record about how this add-on slipped through the net. Some reported the application sucked up high amounts of CPU resources and perhaps mined cryptocurrencies in the background. Indeed, it's said the extension tried to phish netizens by redirecting them to a fake login page and asking for account credentials. Google halts paid-for Chrome extension updates amid fraud surge: Web Store in lockdown 'due to the scale of abuse'įurther inspection using analysis tool CRXcavator revealed the add-on's code contained a suspicious URL that took the browser to a website hosted in Poland.Google's Chrome Web Store under fire for shoddy service and cryptic policies. ![]() ![]()
0 Comments
Leave a Reply. |