Ask everyone you share the computer with to log into their account, run google-authenticator, and make a note of their respective emergency scratch codes along with the 16-digit code.Īfter you’ve generated the authentication code for all users, it’s time to configure the login process to work with Google Authenticator. Now repeat this process for each user account that uses your computer. Since we haven’t installed the app yet, for the time being just note down the 16-digit code. The google-authenticator command will also generate a QR code that you can scan with your Android phone. They’ll help you log in if you misplace the Android phone which generates the OTP. You’ll need to make sure you note down these emergency scratch codes somewhere safe. When it’s done, Google Authenticator will present you with a secret key and several emergency scratch codes. You should definitely enable this option as it helps prevent brute-force login attacks.Īfter the initial setup, the two factor authentication will work even if your system and Android device aren’t online Book of Codex The fourth and the last question asks you to limit the number of attempts for entering the authentication code. If you notice any issues later on, rerun the command and increase the expiration time as suggested. The next question asks for permission to increase the time window that tokens can be use for from the default 1:30 minutes to 4:00 minutes.Īlthough you can answer yes to this question to avoid any issues, type no for maximum security. While it might seem inconvenient at first, you should agree to this limitation for maximum protection. You’ll then be asked if you’d like to restrict the use of a token which forces you to wait for 30 seconds between login. The first question is a pretty safe one and you should allow the command to update your Google Authenticator file by answering yes. While it’s safe to answer yes to all of them, it’s a good idea to understand each one of them before making your final choice as these choices help balance security with ease-of-use. This will initiate the process of creating a secret key for the user by asking you a bunch of questions. Now in the terminal window, type: $ google-authenticator
Once the package has been installed make sure you’re logged in as the user you want to protect with the two-factor authentication.
$ sudo apt-get install libpam-google-authenticator
0 kommentar(er)
