really surprised so many people that post here refuse to use google authenticator because its "annoying." is it a hassle? yes, but if you have ever had your email (and other accounts) compromised you understand why it is worth that small 5 second hassle when you login.
one feature that i cannot understand why it hasnt been implemented though is protecting the app itself with a password or pin. some people say to just protect your whole phone, but i dont really want to do that because to me that _is_ too large a hassle. if i lose my phone i can revoke access to my email and other similar apps, but not if the person that finds it opens up google authenticator (which shows the account the id is used for) and logs in to change the password before i have a chance to. even just allowing for it to display an account nickname instead of full login would be a huge step forward
> but not if the person that finds it opens up google authenticator (which shows the account the id is used for) and logs in to change the password before i have a chance to.
The person finding your phone would have to either have access to your password, your backup email address or the answer to your security question (which you can write yourself).
It's not a 5 second hassle. I don't get a cell signal in the steel gymnasium even though the wifi works fine. I physically have to go outside to get a code every time I want to log in. And then if my phone is not working, or I leave it at home, I'm screwed.
You can install a standalone app called Google Authenticator (it’s also available in the App Store), so your cell phone doesn’t need a signal.
Also:
You can print out a small piece of paper with 10 one-time rescue codes and put that in your wallet. Use those one-time codes to log in even without your phone.
You can create a new set whenever you want. However, generating a new set invalidates the previous set (so you can revoke access with those tokens if they are lost.
That's a fairly special case though right? The most common concern I hear (other than it's just too complicated) is privacy concerns. People are asking "why does Google want my cell"? What else is that number used for?
one feature that i cannot understand why it hasnt been implemented though is protecting the app itself with a password or pin. some people say to just protect your whole phone, but i dont really want to do that because to me that _is_ too large a hassle. if i lose my phone i can revoke access to my email and other similar apps, but not if the person that finds it opens up google authenticator (which shows the account the id is used for) and logs in to change the password before i have a chance to. even just allowing for it to display an account nickname instead of full login would be a huge step forward