Posts Tagged BlackBerry

Google adds two-factor (2-factor) authentication for Gmail and Google Apps

Two-factor authentication finally comes for Google accounts, including Google Apps.

From Google:

Using 2-step verification will help prevent strangers from accessing your account with just a stolen password. When you sign in with 2-step verification, you’ll verify your identity using¬†both a password and a code that you receive on your phone.¬†Learn more

The one-time-password (OTP) that you receive on your phone can come from one of two different methods: Either a time-based password using the Google Authenticator app for your smartphone (BlackBerry, iPhone, Android), or as a text message. Google also provides you a set of codes that you can print out, in case you don’t get your code or your phone is lost. Keep them in a safe place, because if you lose your phone and your codes, getting access to your account is a royal pain — but that’s the way it’s supposed to be:

You’ll need to fill out an account recovery form to verify ownership of the account. Take time to answer each question to the best of your ability. The form was designed to ensure that no one can gain access to your account except you. Since Google doesn’t collect a lot of information about you when you sign up for an account, we will ask you questions like when you created your account, what Google services you use, and who you email frequently (if you use Gmail) to make certain you are authorized to access your account.

Two-factor needs to be turned on in your Google Account settings, and Google has an excellent walk-though on how to activate and test two-factor during the setup. Google calls their two-factor authentication simply “2-step verification.”

To access your account settings from your Gmail or Google Apps mail screen, click Settings in the top right, then click the Accounts tab, then Google Account Settings. then click the “2-step verification” link.

Google says that setting up their 2-step verification takes about 15 minutes, and it’s a good estimate. Budget longer if you’re less savvy or want to be more careful. There’s a testing step involved, so there’s little risk of locking yourself out of your account.

There are major security advantages to using two-factor authentication. One of the biggest simply being that if your password is compromised, there’s still a barrier preventing someone from logging in and having their way with your account.

Along with this, Google introduces what they call “Application specific passwords.” These are workaround passwords for applications (IMAP/POP/SMTP clients, Google Talk, etc) that can’t present the OTP passwords required for two-factor authentication. Instead, you generate a different password — one for each resource if you like — and enter that in your application instead of your normal password. Sound confusing? It’s not, really. This has the added advantage that if someone gains access to your applications configuration files (e.g. Outlook) and pulls your password out, they can’t use it to log directly into your Google account. You can also go into your Google account and revoke these generated passwords at a later date if a resource does become compromised.

After enabling 2-step authentication, you’ll receive an email with information which includes information about application specific passwords:

IMPORTANT: What to Do If Some Applications Stop Working

Some applications that access Google data do not accept verification codes. They
only accept usernames and passwords. Examples include:

-Smartphones (e.g., Android, iPhone)
-Mail clients that use IMAP/POP (e.g., Outlook Express or Thunderbird)
-Chat clients (e.g., Google Talk)
-Picasa desktop application

Now that you have signed up for 2-step verification, these applications will
temporarily stop working. You can get them working again by entering an
application-specific password into the password box, instead of your regular
password or your verification code.

That email will contain a link to generate those application-specific passwords.

Security-minded individuals will no doubt embrace these changes to Google. I for one appreciate that Google is going to such great lengths to provide easy-to-implement security tools that benefit the consumer. I believe that Google may have done something really great here — users who are really concerned about security in Internet resources may now seriously consider creating Google account. Less technical consumers may still use Google using conventional username/password combinations if they so desire.

What do you think of Google decision to add two-factor authentication to accounts? Are you, or will you be, taking advantage of it?

, , , , ,

Leave a comment

The almost indestructible phone case

When I got my Sprint BlackBerry 8530, the first thing I looked for was a good case. It’s a shame to have a nice phone and tear it up from keys in the pocket, accidental drop, banging against a counter (which is how I cracked the camera lens on my HTC Touch Pro: I leaned up against the counter at Chuck-E-Cheese).

I initially had a cheap silicone case, but it quickly stretched and became a lint magnet. Not to mention the fact that it would stick to the inside of my pocket and not want to come out when my phone was ringing. Though cheap, silicone cases are junk, in my opinion.

I decided I was probably better getting some kind of hard case. The nice thing about hard cases is they feel more natural on your phone and they can take the abuse. I’m rough on my phone — it goes with me everywhere, even in the rain.

I heard some really nice things about Seidio cases, and checked them out. My friend Jeff beat me to the order, and I asked to take a look at his device with the case on it. It’s nice-looking.

So for myself, I found the Innocase Surface and the Innocase Holster. I was extremely happy with this case. Until I broke it.

Breaking this case was no easy task: I’ve dropped it on concrete, tile, wood floors, tossed in my work toolbag a few times (screwdrivers, pliers, etc), talked on it while doing a brake job (which is probably what took the finish off)… This case is tough. I’ve even demonstrated to a few people that you can take a key to it and not scratch it.

Ironically enough, I was out somewhere and dropped it on carpet. The case flew apart and the locking tabs broke. I guess it had finally had enough.

So now I’ll be ordering another, and I guess I have to be extra careful with it until the new case comes in.

Caveat: There is a small downside to [the black] case. I’ve found out through experience that the BlackBerry will stop charging the battery if it gets too hot. That’s actually a good thing, as if you try to charge a Li-ion battery thats too hot, you’ll actually degrade the battery. The case I bought — being black and having a soft finish, actually caused the phone to heat up if I left it in on the passenger seat of my car in the sun. Solution? I just put it in my center console.

Have an Innocase for your phone or considering it? Share your thoughts below…

, ,

Leave a comment

Remove Windows Thumbs.db, desktop.ini, BBThumbs.dat, etc. in Ubuntu using find

You can quickly and easily remove Windows and BlackBerry thumbnail index files using a few simple terminal commands.

find /path/to/directory -name "Thumbs.db" -delete
find /path/to/directory -name "desktop.ini" -delete
find /path/to/directory -name "AlbumArt*" -delete
find /path/to/directory -name "BBThumbs.dat" -delete

You can expand on this to remove any file name or mask.

, , ,

Leave a comment