Thank you SE for adding Google Auth support

**Valkyrie_Lenneth** · 04-28-2021 03:20 AM

Originally Posted by Krojack

I never disabled it.

100% false. Google wrote the code and made it open source. The app I use that stores all my codes doesn't even have access to the Internet. It's not even coded into the app to use the Internet. Also the app is open source.

Please learn about a system before making claims about it.

I didn't say the app you use, I said the Google token specifically.

And not requiring it on login is basically disabling it.

I see most people recommending Authy.

**Krojack** · 04-28-2021 03:52 AM

Originally Posted by Valkyrie_Lenneth

I didn't say the app you use, I said the Google token specifically.

What does that even mean? Again using this on your FF14 account in no way links it to your Google account at all.

SE generates a unique code that's linked to your FF14 account. You input that code into the authenticator app of your choice. BAM you're done. Google is no where in the loop.

I've literally implemented this system into my own personal web sites and my companies administrative systems.

Here, go read how TOTP works. https://tools.ietf.org/html/rfc6238

Originally Posted by Valkyrie_Lenneth

And not requiring it on login is basically disabling it.

Take a lesson from other good providers. If I want to remember my login on MY OWN COMPUTER it's not any less secure. The one time password is to prevent people from logging into your account from other locations. I'm pretty sure some hacker isn't going to break into my house to use my computer and get into my FF14 account. Even then the OTP is still needed to log into my mog station account.. I'm referring to the game login. Consoles have the option to remember their passwords so they don't have to enter it every time.

P.S. Having to manually enter your password every time on your PC is a bigger security risk than remembering your login. Those that don't have the OTP on their accounts are more likely to get hacked this way if they get a rootkit virus on their PC.

**Valkyrie_Lenneth** · 04-28-2021 04:02 AM

Originally Posted by Krojack

What does that even mean? Again using this on your FF14 account in no way links it to your Google account at all.

SE generates a unique code that's linked to your FF14 account. You input that code into the authenticator app of your choice. BAM you're done. Google is no where in the loop.

I've literally implemented this system into my own personal web sites and my companies administrative systems.

Here, go read how TOTP works. https://tools.ietf.org/html/rfc6238

Take a lesson from other good providers. If I want to remember my login on MY OWN COMPUTER it's not any less secure. The one time password is to prevent people from logging into your account from other locations. I'm pretty sure some hacker isn't going to break into my house to use my computer and get into my FF14 account. Even then the OTP is still needed to log into my mog station account.. I'm referring to the game login. Consoles have the option to remember their passwords so they don't have to enter it every time.

P.S. Having to manually enter your password every time on your PC is a bigger security risk than remembering your login. Those that don't have the OTP on their accounts are more likely to get hacked this way if they get a rootkit virus on their PC.

If you use the Google authenticator app. The common one people will use seeing that it's easily available and has Google in the name, the app is tied to your Google account. (people commonly call otp applications "tokens")

If you then use that app as your XIV authenticator, and you lose access to your Google account, you lose access to XIV unless going through support of course.

I don't think you were reading what I was saying, only what you thought I was saying.

And if you have a rootkit, your XIV login is the least of your worries at that point.

I know what totp is. I was mostly just making a comment for people reading to be careful with the Google app.

It's a common issue if you read Google Auth app reviews.

**Krojack** · 04-28-2021 04:17 AM

Originally Posted by Valkyrie_Lenneth

If you use the Google authenticator app. The common one people will use seeing that it's easily available and has Google in the name, the app is tied to your Google account.

Again NO IT DOESN'T. It doesn't link to your Google account at all. You CAN add OTP to your Google account but the app does not sync anything to your Google Account. It is not linked to your Google Account in any way.

You don't even need a Google account to use the Google Authenticator app. You can side load it on your phone. There is even one on the Apple store.

Please stop spreading misinformation and scaring people.

**Valkyrie_Lenneth** · 04-28-2021 04:20 AM

Originally Posted by Krojack

Again NO IT DOESN'T. It doesn't link to your Google account at all. You CAN add OTP to your Google account but the app does not sync anything to your Google Account. It is not linked to your Google Account in any way.

You don't even need a Google account to use the Google Authenticator app. You can side load it on your phone. There is even one on the Apple store.

Please stop spreading misinformation and scaring people.

OK, I'll just ignore the Google app reviews then. Clearly you know more than me.

**Krojack** · 04-28-2021 04:55 AM

You could always, you know, install it and see for yourself.

Either way I still don't use it mainly because of other lacking UI features.

Thread: Thank you SE for adding Google Auth support

Thread Tools

Search Thread

Display

Hybrid View