When I saw that LastPass supports Google Authenticator for 2-factor authentication, I was wondering: How that's possible?
When, it just so happens that Google's two-step authentication is publicly documented and is also open-sourced. It supports both time-based authentication (similar to RSA SecurID) and sequence-based. There are free implementations of the client for all types of cell phones, but you can also make use of Google's own app by saving a URL in the form otpauth://totp/<account>?secret=<base32> in a QR code.
Of course, that doesn't do anything if a hacker steals you password database, including the secret keys used for 2-factor. That's why after that happened to Dropbox, them adding 2-factor authentication seems to be purely a PR move. Oh well, back to Wuala.
Published on August 31, 2012 at 21:07 EDT
Older post: The Java Anti-Update
Newer post: Uplink Game for iPad