



Google Authenticator is available for iOS and iPadOS, and Android.

Here’s how to not only make Twitter more secure, but use Google Authenticator on your iPhone to move away from SMS-based two-factor authentication and better protect your online life.

Two-Factor Authentication (2FA) is in the news due to a change at struggling Twitter. Under a February policy change, Twitter is forcing free users unwilling to pay for a Twitter Blue subscription away from its SMS-based 2FA system in favor of using an authenticator app.

Despite the outcry about it, authenticator apps are better security-wise than using SMS messages. Here’s how to get 2FA up and running with Google Authenticator.

What is two-factor authentication?

Two-factor authentication goes far beyond standard usernames and passwords and is a great way to secure your online accounts. If an online attacker knows or can crack your password, 2FA can block further access to the account.

The 2FA principle is based on verifying what you “know” and what you “have”. Think of it as a security door that you open by typing a code into the keypad (“I know”) and putting a physical key into the lock (“I have”).

Account passwords fall into the “know” part, while the “have” part consists of some form of verifiable token. This can take the form of a physical object such as a YubiKey, but more commonly refers to a mobile authenticator app or authenticator key fob.

Google Authenticator is an app that provides 2FA codes on your iPhone.

Both the app and the key fob are set to repeatedly generate new codes after a certain amount of time, such as 30 seconds. These codes are not random: they are generated from a seed known to the service, according to pre-defined, immutable rules.

In fact, the online service you’re using to authenticate knows the correct code the authenticator last generated, so it can verify or reject any code you read and enter into the service’s login screen.

Using an app for 2FA is slightly more secure than using a key fob for code generation. This is because you must first unlock the iPhone to access the app.

There is also a simpler form, in which a website asks the user to confirm in a companion app that they have just signed in.

Apple’s ecosystem works similarly, where the user’s other Apple devices ask for confirmation and provide a code to manually enter on the device the user is signed into.

What are the problems with text-based 2FA?

Two-factor authentication itself is a good idea, but one form of implementing it leaves the system vulnerable.

With SMS or text-based 2FA, the code is sent as a text message to your smartphone instead of being generated by an app or a physical dongle.

At face value, it seems pretty fine, and most of the time it’s fine. The problem is the nature of SMS itself.

One-time SMS passcodes are sent as plaintext over the network’s cellular system, so they are unencrypted and can be read openly. Obviously this isn’t ideal, but it might work in a pinch.

Twitter is actively communicating to non-subscribers of Twitter Blue that SMS 2FA support will be for paying users only starting in March.

Another problem is that it relies on messages sent to the SIM card of the smartphone. An attacker can trick the carrier into swapping the SIM associated with an account on its systems, so that the phone number works with another SIM card, which may be in the hands of the attacker.

In such cases, a legitimate SMS-based 2FA code could be sent over the carrier’s network, but be received by the attacker. If they happen to know your account credentials as well, such as from a data breach of a major service, they could sign in to your account and take control.

The SMS system itself is a weak point, so moving 2FA to smartphone apps is a smart move.

Overview of Google Authenticator

Google Authenticator is a well-established and popular authenticator app for several reasons. First of all, it’s pretty easy to use. This is important in encouraging more people to secure their accounts in the first place.

It also comes from Google, a well-known name in the tech world. Regardless of how you feel about the company’s advertising business and data collection practices, brand name recognition is still a big issue for the public.

It also helps that its support is fairly widespread.

Then there is the possibility of using multiple devices. You can set up Google Authenticator on multiple devices and have your code work the same on all devices.

This may not necessarily be the best security-wise, but it’s a reasonable trade-off considering you’ll need to be logged into your phone or tablet in the first place.

Google Authenticator makes it easy to add accounts to your app.

This ties in with its cross-platform support: it is available for iOS, iPadOS and, if you really want it, Android, so it works on iPhone, iPad and Android devices.

Note that you don’t actually need a Google account for this. You can obviously use it with Google’s system (and you should), but you can use it with other third-party services without linking your Google account to an authenticator.

Because the system relies on entering a setup key or scanning a QR code, we strongly recommend setting up 2FA on a different device than the one you’re setting up Google Authenticator on.

Additionally, while the general method for enabling 2FA on services is similar across the industry, the actual method differs for each app and service. Below are more general guides rather than specific instructions.

How to set up Google Authenticator on iPhone and iPad

1. Download Google Authenticator from the App Store to your device. The download is free.
2. Sign in to the service you want to enable 2FA on and start setting it up. This may be, for example, an option in your account settings under a section marked “Security” that offers to “Set up two-factor authentication”, but this varies by service.
3. Choose to use an authenticator app when prompted. The service may recommend specific authenticator apps, so make sure Google Authenticator is on that list.
4. Once you see the QR code or authentication key, open Google Authenticator on your iPhone or iPad.
5. If this is the first addition to the app, you will be asked directly how to add the code. Otherwise, select the plus sign at the bottom right of the screen.
6. If the site or app you are setting up 2FA on shows a QR code, select “Scan a QR code” and scan the code using your device’s camera.
7. If you were given a key, enter your account name (usually the associated email address) and the key provided on the screen. If your account system advises you to do so, choose either time-based or counter-based. Otherwise, leave it as time-based.
8. Next, you will be asked to confirm that the authentication system is working. Enter the 6-digit code that appears on your device’s screen as verification into the app or service you want to set up 2FA on.

Once set up, every time you log in, you’ll be asked to generate a code to log into the service using your authenticator app.

This is as easy as opening Google Authenticator, looking for the relevant service and account name, and reading off the relevant 6-digit code. Codes change regularly, so it’s a good idea to wait until the timer runs out and a new code appears to maximize your code entry time.

You can manually enter your security details, but a QR code is quicker.

If you are entering the code in an app on the same device, tap the code to copy it to your clipboard. You can then paste it into the app’s text box and submit it.

How to remove an account listing from Google Authenticator for iOS

1. Open the app and tap the three dots at the top right.
2. Tap “Edit”.
3. Tap the pencil icon next to the relevant account.
4. Tap the trash icon.
5. In the confirmation box, tap “Remove account”.

Please note that deleting an account from the Google Authenticator app does not affect the 2FA status of the account itself. If you want to remove 2FA from your account, do so before removing the Google Authenticator listing.

Just the beginning…

You can do a lot more with Google Authenticator, like setting up multiple devices to get the same code. Yes, you can have multiple devices with the same app scan the QR code during setup. However, you can also take advantage of the export functionality to do the same thing for multiple codes at the same time.

