Google Authenticator: Difference between revisions
Zhaofeng Li (talk | contribs) m Changed the ext links to internal links. |
Zhaofeng Li (talk | contribs) m Fixed the disambiguation link. |
||
| Line 1: | Line 1: | ||
'''Google Authenticator''' is a software based [[two-factor authentication]] [[Security_token#Mobile_device_tokens|token]] developed by [[Google]]. The Authenticator provides a six digit number users must provide in addition to their username and password to log in to Google services |
'''Google Authenticator''' is a software based [[two-factor authentication]] [[Security_token#Mobile_device_tokens|token]] developed by [[Google]]. The Authenticator provides a six digit number users must provide in addition to their username and password to log in to Google services |
||
==Implementation== |
==Implementation== |
||
Google provides [[iOS]]<ref>[http://itunes.apple.com/app/google-authenticator/id388497605?mt=8 iOS version of Google Authenticator]</ref>, [[Blackberry]] and [[Android]]<ref>[https://market.android.com/details?id=com.google.android.apps.authenticator&hl=en Android version of Google Authenticator]</ref> versions of Authenticator. Several third party implementations are available. |
Google provides [[iOS]]<ref>[http://itunes.apple.com/app/google-authenticator/id388497605?mt=8 iOS version of Google Authenticator]</ref>, [[Blackberry]] and [[Android]]<ref>[https://market.android.com/details?id=com.google.android.apps.authenticator&hl=en Android version of Google Authenticator]</ref> versions of Authenticator. Several third party implementations are available. |
||
*Windows Phone 7: [http://www.windowsphone.com/en-US/apps/021dd79f-0598-e011-986b-78e7d1fa76f8 Authenticator] |
*Windows Phone 7: [http://www.windowsphone.com/en-US/apps/021dd79f-0598-e011-986b-78e7d1fa76f8 Authenticator] |
||
*Windows Mobile: [http://forum.xda-developers.com/showthread.php?t=956184 Google Authenticator for Windows Mobile] |
*Windows Mobile: [http://forum.xda-developers.com/showthread.php?t=956184 Google Authenticator for Windows Mobile] |
||
Revision as of 11:50, 25 February 2012
Google Authenticator is a software based two-factor authentication token developed by Google. The Authenticator provides a six digit number users must provide in addition to their username and password to log in to Google services
Implementation
Google provides iOS[1], Blackberry and Android[2] versions of Authenticator. Several third party implementations are available.
- Windows Phone 7: Authenticator
- Windows Mobile: Google Authenticator for Windows Mobile
- Java CLI: Authenticator.jar
- Java GUI: JAuth
- J2ME: gauthj2me lwuitgauthj2me Mobile-OTP
- PalmOS: gauthj2me
- webOS: GAuth
- Windows: gauth4win
Technical description
Google generates a 80-bit secret for each user. This is provided as a 16 character base32 string or as a QR code. The client creates a HMAC-SHA1 using this secret key, with the message being the number of 30 second periods having elapsed since the Unix epoch. A portion of the HMAC is extracted and converted to a 6 digit code.
Pseudocode
function GoogleAuthenticatorCode(string secret)
key := base32decode(secret)
message := current Unix time ÷ 30
hash := HMAC-SHA1(key, message)
offset := last nybble of hash
truncatedHash := hash[offset..offset+4] //4 bytes starting at the offset
Set the first bit of truncatedHash to zero //remove the most significat bit
code := truncatedHash mod 1000000
pad code with 0 until length of code is 6
return code
Technology
Google Authenticator uses the time-based One-time Password Algorithm as defined in RFC 6238.
References
External links
- Google Authenticator on Google Help
- Google Authenticator implementation in Python on Stack Overflow