Google Offers OAuth Alternative to Improve Security

Google is now offering two-factor authentication, making sign-in more secure.

It’s an extra step, but it’s one that significantly improves the security of your Google Account because it requires the powerful combination of both something you know—your username and password—and something that only you should have—your phone. A hacker would need access to both of these factors to gain access to your account.

That important security enhancement is garnering a lot of attention. What I find interesting is the point that only got a sentence’s mention.

You can also set up one-time application-specific passwords to sign in to your account from non-browser based applications that are designed to only ask for a password, and cannot prompt for the code.

This sounds an awful lot like PAuth, which Don Park suggested as an alternative to OAuth over two years ago. I’ve always wondered why that didn’t get more attention.


Tweets that mention Backdrifter: Google Offers OAuth Alternative to Improve Security --
February 10, 2011 at 2:41 PM

[...] This post was mentioned on Twitter by Jared Hanson, Jared Hanson. Jared Hanson said: I blogged Google Offers OAuth Alternative to Improve Security [...]


Lonna Hanson
February 11, 2011 at 8:10 AM

Very interesting post. I enjoyed reading it.

Post a comment