[kwlug-disc] Google with TOTP

Khalid Baheyeldin kb at 2bits.com
Mon Jun 20 14:45:16 EDT 2022


On Sun, Jun 19, 2022 at 10:18 PM Chris Irwin via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> On Sat, Jun 18, 2022, at 17:19, Khalid Baheyeldin wrote:
>
> That leaves app passwords as the other practical way for a server
> application. How
> often do these need to be refreshed? If it is also a week, then that is a
> big bummer
> moment ...
>
>
> They do not expire.
>
> They *can* be manually revoked. But otherwise they persist until you
> revoke them.
>

That is exactly what I need.
I went to setup 2FA in Google, and it turns out that you don't need to use
the phone
number at all (and therefore my concern about SIM card swap scams is
avoided).
You can click on alternatives (or some other wording) and they will give
you backup
codes.

Then you proceed to Authenticator, and use FreeOTP+ (Android) and/or
oathtool on
the command line. They both work well.

>From there, I was able to create an app password for getmail, and it works
too.

Thanks for all the help (Chris, and everyone else).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20220620/e95767a9/attachment.htm>


More information about the kwlug-disc mailing list