iOS 7 is still in beta, and there's still quite a lot of bugs in it (hence... beta). Google maps doesn't work either (it always reports a server connection error for me).
I would assume that these are problems with iOS 7, not the apps in question, since iOS should provide backwards compatibility. These bugs should be reported to Apple (ideally by Google or authors of other specific apps, who can narrow down exactly what's going on) so that Apple can fix whatever bug is causing the incorrect behaviour.
A better title might have been "Current iOS 7 beta is not Google Authenticator compatible"
DuoSec's iOS app replaced the never-updated Google Authenticator app for me after they added support for third-party token generation. It even works with QR-code scanning, just like the Google App.
The advantage here is obvious: it's an app that is a primary business concern for a security-focused company. It's unlikely it'll go out of date as long as Duo is around.
Never mind that the Google Authenticator app does get updated, why would it be suspect that it wasn't? Since when did it become a mark of quality that something changes constantly?
It's sole purpose in life is to run a well-defined, never-changing calculation and display a 6 digit number on the screen. Not changing is absolutely preferred here.
The Duo app is really nice. I was really happy to find out you could use it without their (fairly expensive) service; it's essentially a drop-in replacement for the Google Authenticator app. I've still been using both, though.
The thing I dislike most is when sites don't allow you to link your own OATH credential (i.e. a hardware token); I don't consider any of the cellphone apps or services to be as secure as the hardware token, and there are nice ways to use the hardware tokens for role accounts (locking the physical token in a safe, or leaving it in the custody of a third party without direct access to the account, like a CFO). The ideal implementation of OATH/2FA for a site allows users to specify their own, get the QR code, or get a text code.
Coinbase, for instance, only shows the QR code; I can't either use my own hardware token or back up the character string (which I feel I can do safely) to let me re-generate the token. I generally like having >1 device with my OATH credentials for any given account, particularly if the device is needed to change security settings later. It's awesome that they support 2FA, but doing better would be better.
Google Authenticator Version: 1.1.4.755, last updated: Jul 19, 2011. I’m assuming that there are a lot of under the hood changes in iOS 7. It is up to Google to update Google Authenticator so it would be compatible with iOS 7. Then again, iOS 7 is still in beta.
If that's your idea of a maintained app, I think we have differing ideas of what that means. Users with more totp tokens than will fit on one screen tend to ditch google authenticator because of that issue.
I've been using Authy[1] without any problems on iOS7. Great thing is that it can also be used for other services that use OTP (AWS, Cloudflare, Facebook etc).
Count me as another vote for Authy. One more amazing feature: Your tokens stick to your Authy account instead of your physical device. If you need to restore your phone or delete the app, you don't need to disable two-factor on all your accounts and then set it up again.
Just reinstall Authy, reauthorize with your Authy account, and you're done! Helped me countless times, from when I had to rebuild my iOS install because of a backup problem to when I got a replacement device due to a hardware issue.
Doesn't giving the device keys to a third party, while also authenticating using a password with that third party, sort of defeat the whole purpose of two-factor authentication?
It works until it breaks, just FYI. I would switch to another App.
I had been using it until tonight but after touching the add button, I rebooted my device and found that several tokens were missing. Upon rebooting the App again, they were all gone.
So how big is the leap between iOS 6 and 7 exactly in terms of app compatibility? Did they do a major API overhaul and will we have to wait for every developer to port its app but also maintain backwards compatibility?
I'm not sure why this is on the front page.
iOS 7 is still in beta, and there's still quite a lot of bugs in it (hence... beta). Google maps doesn't work either (it always reports a server connection error for me).
I would assume that these are problems with iOS 7, not the apps in question, since iOS should provide backwards compatibility. These bugs should be reported to Apple (ideally by Google or authors of other specific apps, who can narrow down exactly what's going on) so that Apple can fix whatever bug is causing the incorrect behaviour.
A better title might have been "Current iOS 7 beta is not Google Authenticator compatible"
DuoSec's iOS app replaced the never-updated Google Authenticator app for me after they added support for third-party token generation. It even works with QR-code scanning, just like the Google App.
The advantage here is obvious: it's an app that is a primary business concern for a security-focused company. It's unlikely it'll go out of date as long as Duo is around.
https://blog.duosecurity.com/2012/11/announcing-two-factor-a...
Never mind that the Google Authenticator app does get updated, why would it be suspect that it wasn't? Since when did it become a mark of quality that something changes constantly?
It's sole purpose in life is to run a well-defined, never-changing calculation and display a 6 digit number on the screen. Not changing is absolutely preferred here.
It's not confidence-inspiring when an app you use is missing both retina graphics and iPhone 5 support.
6 replies →
The Duo app is really nice. I was really happy to find out you could use it without their (fairly expensive) service; it's essentially a drop-in replacement for the Google Authenticator app. I've still been using both, though.
The thing I dislike most is when sites don't allow you to link your own OATH credential (i.e. a hardware token); I don't consider any of the cellphone apps or services to be as secure as the hardware token, and there are nice ways to use the hardware tokens for role accounts (locking the physical token in a safe, or leaving it in the custody of a third party without direct access to the account, like a CFO). The ideal implementation of OATH/2FA for a site allows users to specify their own, get the QR code, or get a text code.
Coinbase, for instance, only shows the QR code; I can't either use my own hardware token or back up the character string (which I feel I can do safely) to let me re-generate the token. I generally like having >1 device with my OATH credentials for any given account, particularly if the device is needed to change security settings later. It's awesome that they support 2FA, but doing better would be better.
I use Duo as well. The only thing I miss is a countdown timer.
Google Authenticator Version: 1.1.4.755, last updated: Jul 19, 2011. I’m assuming that there are a lot of under the hood changes in iOS 7. It is up to Google to update Google Authenticator so it would be compatible with iOS 7. Then again, iOS 7 is still in beta.
Google doesn't take updating their Authenticator app seriously, even the android version.
But why is it deleting the tokens? Can anyone who does iOS development comment?
Regarding Android that is just not true. The last update is from July 18 [1] and the App gets updated frequently and for me it has worked flawlessly.
A while back the Authenticator was not updated automatically but you were asked to switch to a new App [2]. Maybe that happened to you.
[1] https://play.google.com/store/apps/details?id=com.google.and... [2] https://play.google.com/store/apps/details?id=com.google.and...
App updates do not imply the app is being adequately maintained.
https://code.google.com/p/google-authenticator/issues/detail...
If that's your idea of a maintained app, I think we have differing ideas of what that means. Users with more totp tokens than will fit on one screen tend to ditch google authenticator because of that issue.
the android app gets updated more often than I would expect actually
I've been using Authy[1] without any problems on iOS7. Great thing is that it can also be used for other services that use OTP (AWS, Cloudflare, Facebook etc).
[1] https://www.authy.com/
Count me as another vote for Authy. One more amazing feature: Your tokens stick to your Authy account instead of your physical device. If you need to restore your phone or delete the app, you don't need to disable two-factor on all your accounts and then set it up again.
Just reinstall Authy, reauthorize with your Authy account, and you're done! Helped me countless times, from when I had to rebuild my iOS install because of a backup problem to when I got a replacement device due to a hardware issue.
Doesn't giving the device keys to a third party, while also authenticating using a password with that third party, sort of defeat the whole purpose of two-factor authentication?
5 replies →
FWIW, I use "HDE OTP" (https://itunes.apple.com/us/app/hde-otp-generator/id57124032...), which works pretty well for my google and dropbox account. It works on iOS7 and it looks better.
It's been working fine for me. First and second beta images that have been pushed.
It works until it breaks, just FYI. I would switch to another App.
I had been using it until tonight but after touching the add button, I rebooted my device and found that several tokens were missing. Upon rebooting the App again, they were all gone.
Works fine for me, too (beta 3 on iPhone 4S, iPhone 5, iPad 3).
Not the best looking app in the world, though!
The account labels are missing, which is a problem if you have multiple accounts.
Yes, and if you try to edit them, it will wipe out the other tokens.
So how big is the leap between iOS 6 and 7 exactly in terms of app compatibility? Did they do a major API overhaul and will we have to wait for every developer to port its app but also maintain backwards compatibility?