Posts Tagged iPhone

Google adds two-factor (2-factor) authentication for Gmail and Google Apps

Two-factor authentication finally comes for Google accounts, including Google Apps.

From Google:

Using 2-step verification will help prevent strangers from accessing your account with just a stolen password. When you sign in with 2-step verification, you’ll verify your identity using both a password and a code that you receive on your phone. Learn more

The one-time-password (OTP) that you receive on your phone can come from one of two different methods: Either a time-based password using the Google Authenticator app for your smartphone (BlackBerry, iPhone, Android), or as a text message. Google also provides you a set of codes that you can print out, in case you don’t get your code or your phone is lost. Keep them in a safe place, because if you lose your phone and your codes, getting access to your account is a royal pain — but that’s the way it’s supposed to be:

You’ll need to fill out an account recovery form to verify ownership of the account. Take time to answer each question to the best of your ability. The form was designed to ensure that no one can gain access to your account except you. Since Google doesn’t collect a lot of information about you when you sign up for an account, we will ask you questions like when you created your account, what Google services you use, and who you email frequently (if you use Gmail) to make certain you are authorized to access your account.

Two-factor needs to be turned on in your Google Account settings, and Google has an excellent walk-though on how to activate and test two-factor during the setup. Google calls their two-factor authentication simply “2-step verification.”

To access your account settings from your Gmail or Google Apps mail screen, click Settings in the top right, then click the Accounts tab, then Google Account Settings. then click the “2-step verification” link.

Google says that setting up their 2-step verification takes about 15 minutes, and it’s a good estimate. Budget longer if you’re less savvy or want to be more careful. There’s a testing step involved, so there’s little risk of locking yourself out of your account.

There are major security advantages to using two-factor authentication. One of the biggest simply being that if your password is compromised, there’s still a barrier preventing someone from logging in and having their way with your account.

Along with this, Google introduces what they call “Application specific passwords.” These are workaround passwords for applications (IMAP/POP/SMTP clients, Google Talk, etc) that can’t present the OTP passwords required for two-factor authentication. Instead, you generate a different password — one for each resource if you like — and enter that in your application instead of your normal password. Sound confusing? It’s not, really. This has the added advantage that if someone gains access to your applications configuration files (e.g. Outlook) and pulls your password out, they can’t use it to log directly into your Google account. You can also go into your Google account and revoke these generated passwords at a later date if a resource does become compromised.

After enabling 2-step authentication, you’ll receive an email with information which includes information about application specific passwords:

IMPORTANT: What to Do If Some Applications Stop Working

Some applications that access Google data do not accept verification codes. They
only accept usernames and passwords. Examples include:

-Smartphones (e.g., Android, iPhone)
-Mail clients that use IMAP/POP (e.g., Outlook Express or Thunderbird)
-Chat clients (e.g., Google Talk)
-Picasa desktop application

Now that you have signed up for 2-step verification, these applications will
temporarily stop working. You can get them working again by entering an
application-specific password into the password box, instead of your regular
password or your verification code.

That email will contain a link to generate those application-specific passwords.

Security-minded individuals will no doubt embrace these changes to Google. I for one appreciate that Google is going to such great lengths to provide easy-to-implement security tools that benefit the consumer. I believe that Google may have done something really great here — users who are really concerned about security in Internet resources may now seriously consider creating Google account. Less technical consumers may still use Google using conventional username/password combinations if they so desire.

What do you think of Google decision to add two-factor authentication to accounts? Are you, or will you be, taking advantage of it?

, , , , ,

Leave a comment

iPad used more than Linux computers?

Today, Royal Pingdom posted a somewhat-surprising blog entry that shows that the iPad alone, not any other iOS device like the iPhone or iPod touch, is used more than Linux computers.

Why is this only somewhat surprising? There’s plenty of reasons:

The positive about the Apple devices:

The iPhone and iPod Touch set the stage with — and raised the bar on — user friendliness in portable devices. The iPod was the device that some would argue re-made Apple. It quickly took over the portable media player market and set the new de-facto standard for what to expect in a music player: Lots of storage, and a simple, user-friendly interface. With the iPod Classic, new features brought even higher expectations. The iPod Touch and iPhone sealed the deal for Apple (and some would argue dealt AT&T a blow to the knees).

When the iPad arrived, it ran off the same iOS that the iPod touch did, which brought a familiar look and feel to iOS users. Drawing from the same App Store ensured that users would experience Apple’s touted “There’s an app for that” experience. In addition, the iPad pioneered the tablet experience to the mass market. Behind it’s launch, Android and Blackberry have struggled to gain market share.

The comparison to Linux:

When you compare the Apple iPad to the Linux market, it’s little surprise that the iPad comes ahead. Even the more popular Linux distros like Red Hat and Ubuntu, although moving ahead in leaps and bounds, still suffer their shortcomings with user friendliness and ease-of-use. Hardware quirks and incompatibilities often get the better of inexperienced users, who turn back to Windows or Mac for that lacking bit of hardware support.

Additionally, there aren’t many computer manufacturers who will sell systems with Linux pre-installed for an out-of-the-box experience. While Dell has sold systems with Linux pre-installed, and has sold select system with no OS, there’s a distinct bias in the new-sales model towards Windows. Why? Money. Microsoft pays the OEMs a commission for new-system sales with Windows pre-installed. On top of that, there’s less work for the OEMs to make sure that hardware works as expected. System76 has started picking up the pre-installed Linux market, selling systems with Ubuntu pre-installed, but the price is arguably higher than a system from another vendor, and I can’t speak to the warranty or support.


Don’t get me wrong, I’m a Linux user and I love it. But I’m not blind to the fact that it has it’s shortcomings — although Red Hat and Ubuntu have really worked towards making everything work as it should, and making the user experience the best possible. Linux also runs on a wider-range (and a more inexpensive range) of hardware than Apple OS. Also, you can’t ignore that this study has a big of a flaw in it: This only compared stats between iPod and mainstream Linux (desktops and laptops) — two completely different device platforms.

Apples to apples or apples to oranges? Do the numbers even mean anything at all? What are your thoughts?

, , , , ,

Leave a comment

Paperless Geocaching

This isn’t meant to be a complete explanation of all the available options, but simply a quick primer for someone who is interested in planning a purchase to try for the goal of paperless geocaching. Paperless meaning, in the most general sense, you don’t need a paper printout for coordinates.

There are a few different ways to go about this:

You can have a GPS or GPS-enabled device that you load waypoint files on.

Most hand-held and vehicle GPS units will allow you to load waypoint files on them, thus giving you some kind of list of loaded waypoints and allowing you to approach and make the find without having to enter the actual coordinates into the GPS. has two features that help with this: “Download waypoint file” and “Send to GPS”. The download waypoint file will generate either a .LOC or .GPX file for loading onto your device (See the documentation that came with your device for the actual process). The Send to GPS function appears to only work with Garmin devices (for now, at least).

The drawback to this method is you have to go on the website before your actual trip and choose which caches you will attempt and load them. The premium membership has a nice feature which helps with this: “Pocket queries.” Pocket queries can generate a waypoint file with up to 300 caches based on criteria you specify.

Garmin has a product line dedicated to the paperless geocacher. See information at Geocaching with Garmin.

This is a good viable option for those cachers who seek infrequently or who simply have a GPS unit and want to reduce their paper usage in an inexpensive way.

You can have a data-enabled device (such as a laptop or netbook with an aircard).

A netbook with an aircard can be an invaluable tool for use in the car (not on the trail) for looking up caches, viewing logs and maps, and logging your visits. This would allow you to log your visits without having to go back home, and give you a little more flexibility in case you find that you’re in a new area and want to pick up a quick cache or two. You can simply log on the website, look up a cache, punch the coordinates into your GPS, and away you go. Returning to the car, you can log your visit easily.

You can have a device which combines the two functions above, both retrieving the data from the website and helping you navigate to it.

This is the goal a lot of cachers (including myself) aim for: A single device that can do it all. A smartphone with GPS and data service is the usual tool for this job.

There are several different geocaching apps for smartphones, and some do it better than others. Here’s a quick run-down of some of my favorites:

Trimble Outdoors and Geocache Navigator by Trimble Outdoors – $9.99 (If I recall correctly)

These two programs are available on a large number of phones and carriers. I prefer Geocache Navigator, but Trimble Outdoors has a slightly different feature set which may make it appealing to different users.Geocache Navigator allows you to load up a list of nearby caches, display them on a map, seek them, and log your visit directly from your phone. It does require you to “tie” it to your account, which can be done easily from the website. One feature that Geocache Navigator does not have is the ability to set a waypoint (such as your car), which leaves the walk back completely up to you. Trimble Outdoors does have this, but doesn’t retrieve caches automatically; it requires you to load GPX files yourself prior to seeking a cache.

Geocaching by Groundspeak – $30

Groundspeak’s own geocaching app for Android and iPhone devices. These apps load caches near you (or by GC code) and help you navigate to it. Logging your visit, looking at previous logs, hints, even pictures are part of this app. Though a little pricey, these apps definitely do it all, and they’re published and supported by Groundspeak, the folks behind

Free phone apps

I know there are a number of free apps, unfortunately they vary between carriers and phone brands, and I don’t have enough experience with them or a list of links to provide. Please feel free to leave your apps and feedback in the comments below.

Have your own way of going paperless? Have you had experience with any of the above apps you’d like to share? Have an app not listed above that you prefer? Please share your thoughts in the comments below!

, ,

Leave a comment

Alchemy for Android

I recently got hooked on a new game for the Android phone called Alchemy. Here’s the description from the Android Market:

You have only four base elements: Fire, Water, Earth and Air. Combine them and their products to get more than 200 new elements. You can create a Life, Beer, Vampires, Skyscrapers and many more..

Search the Market for “Zaikin” (the author’s last name) and look for this icon:

Or scan this barcode using your phone to download it directly from the Android market.

There is a game similar to Alchemy called Doodle God that you can play in a web browser. Play here. Doodle God is also available on iPhone.

UPDATE: This forum has a lot of hints and tips for Alchemy combinations. Some work in Doodle God while most either do not or produce different combinations.

Got any hints to share for Alchemy or Doodle God? Please feel free to share them in the comments below!


Leave a comment

Clicky Web Analytics

I had written a previous post roughly comparing a few web analytics programs, using some criteria that was important to me, and I had purchased a license for Mint to use on one site. Having two sites, though, I wanted them to use the same analytics package, so I shelled out the extra $30 for a second Mint site license.

That was the easy part. The real pain came when I actually set it up. I had to install a second copy of Mint (because it’s a per-install/per-domain license) so I had to install a second copy, copy over all my plug-ins and configure it, making sure I used the same login and password (so I wouldn’t get them mixed up) and configure the software alike with the first install.

Then I realized something: I had to go to each domain’s Mint installation to view stats. I couldn’t view the stats for both sites in the same view. (Though there is a plug-in for that, but it gets installed to a single domain install — I’d have to install it to both installations and mirror the setup again — What a pain!)

So, out $30 for the new license and realizing after the fact it wasn’t a good fit for my setup, I went to Piwik, which is an Open-Source, self-installed web analytics package. You install it to a single location and set up tracking for all your websites from it. It’s a fairly good piece of software, but I ran into several nasty show-stopping bugs: zeroing visitors in the database and an issue with PHP and the cron job (not even mentioning the still-unresolved ever-growing database issue). I want an analytics package I don’t have to fight with to get good information out of. I want to spend my time using the information I can gather, not spend the time fighting with my analytics software.

Then I tried out Clicky Web Analytics. I have to say I am extremely happy with the service, and the pricing. No software to have to think about (or keep up to date), pricing is extremely fair (in fact, the best I’ve seen with 1 site being completely free), and the feature set is unparalleled. Real-time stats, including content, search terms, referrers, individual actions, a customizable dashboard, even iPhone and Android-specific mobile versions. A full API, RSS feeds, and site widgets round off the service offering, and that’s just at the free level. Paid versions (starting at $5/mo or $30/yr for 3 sites) get even more features, such as advanced data segmentation and the ability to name visitors using either the web interface or a CMS plugin.

The real icing on the cake with Clicky? They provide a non-js tracking code (in the form of a 1×1 transparent pixel) that you can insert on sites that don’t support javascript (like, Craigslist, eBay, MySpace, etc) so you can track pageviews even there!

I really recommend that you check out Clicky, even if (especially if) you only have one site to manage — it’s free.

Clicky Web Analytics

, , , ,

Leave a comment

My rant on Blackberry

So there’s a lot of things the Blackberry does RIGHT:

  • Good-sized full-QWERTY keyboard, without having to slide/rotate the phone.
  • Easy navigation via the trackball/trackpad (depending on model)
  • Fully multitasking OS
  • Quality speakerphone / microphone without echo
  • Durable hardware and great battery life

Now here’s where my rant begins:

For one, the Blackberry has a distinctive LACK of available “fun” software. There are a fair amount of games, but not nearly the selection of other mobiles. WinMo, Palm, and the iPhone especially have a wider variety of games, and other “fun” software.

For two, the Blackberry apps are quite a bit more expensive. From $2.99 per app on the cheap side all the way up to $50 for the priciest apps.

And for my biggest gripe, the distinct LACK of good IMAP support for BIS users. While the “push” email is great and all (email delivered to the phone when it’s delivered to the mailbox; no having to “poll” the mailbox), the inablility to use IMAP folders other than Inbox is a serious setback. More so, you’re only able to get new messages on the device, rather than being able to download mail that’s already in your box.

The IMAP issue is something that WinMo, Palm, and iPhone and some other phones already do quite nicely. this puts the Blackberry at a distinct disadvantage compared to other devices.

While this issue seems generally solved for Gmail users (through the “Enhanced Gmail plugin for Blackberry”), this is only for the single provider.

In my opinion this is something that RIM needs to get on with a quickness. This lack of proper IMAP support has me looking at other phones for the future.

If I could find a phone with a good QWERTY keypad with features like the Blackberry (along with proper IMAP) I’d definately consider switching when my times comes due.

Of course, if they enabled proper IMAP support in BIS, I think I’d be pretty happy indeed.

Time will tell. Maybe I’ll just learn to live with it.

, , ,

Leave a comment