• ARTICLES
SEARCH

How-To Geek

How To Use Google Authenticator and Other Two-Factor Authentication Apps Without a Smartphone

two-factor-authentication-on-windows

Google, Dropbox, LastPass, Battle.net, Guild Wars 2 – all these services and more offer two-factor authentication apps that work on smartphones. If you don’t have a supported device, you can run an alternative application on your computer.

When you log in, you’ll need to enter a time-based code from the app. Two-factor authentication prevents people who know your password – but don’t have the app and its security key – from logging in.

Limitations

Using a two-factor authentication app on your computer is less secure than using one on a separate device. Someone with access to your computer could access your security key and log into your account – however, if you don’t have a smartphone, iPod touch, or other mobile device, using an app on your computer is more secure than not using two-factor authentication at all. It’s also likely that most stolen passwords are acquired via keyloggers and other types of software that won’t try to steal the security key from your computer.

None of these apps are officially supported by the services they’re for. However, the two-factor authentication algorithm that Google Authenticator uses is an open standard that these apps have implemented. In the case of WinAuth, the developers have implemented the same algorithm used by Blizzard’s Battle.net Authenticator.

Google, Dropbox, LastPass, & More

Google makes Google Authenticator, which implements a standard time-based  one-time password (TOTP) algorithm. Other services, including Dropbox, LastPass, Guild Wars 2,  DreamHost, and Amazon Web Services, have used Google Authenticator instead of implementing their own apps from scratch. You can even use Google Authenticator’s PAM module to secure your SSH sessions on Linux.

While Google only produces official Authenticator apps for Android, iOS, and BlackBerry, other developers have created implementations of Google Authenticator that run on desktop PCs.

If you’re a Chrome user, you can use GAuth Authenticator, which implements Google Authenticator as a Chrome extension. The extension stores your secret key locally and generates time-based codes you’ll need to log in, just as the official mobile apps do.

google-authenticator-for-chrome-browser

You can also use gauth4win, an implementation of Google Authenticator for Windows. After installation, launch GoogleAuth from your Start menu. If you see an error message after launching it, click Continue to launch the application anyway. It will appear in your system tray. Right-click it and use the option to enter your key. After you do, you can right-click the system tray icon and select Copy to copy the current time-based authentication key to your clipboard.

google-authenticator-for-windows

To add your security keys to any of these applications and secure your accounts, go through the standard process for enabling two-factor authentication on Google, securing LastPass with two-factor authentication, or activating two-factor authentication on any other service. Instead of entering the key into a mobile app during the setup process, enter it into the application on your computer.

Battle.net & Guild Wars 2

Blizzard’s Battle.net service uses a different two-factor authentication implementation – Blizzard offers their own mobile app instead of using Google Authenticator. Blizzard’s Battle.net Authenticator secures the Battle.net accounts used for World of Warcraft, Diablo III, and Starcraft II.

You can’t use the above apps for Battle.net, so you’ll need to use another app. WinAuth is an open-source Windows authenticator for Battle.net and Guild Wars 2 (although you can also use the above apps with Guild Wars 2.) It also allows you to encrypt your security key file so that malicious programs can’t easily access it without your permission.

battle.net-authenticator-for-windows

Download the WinAuth app and it will walk you through using it with your Battle.net or Guild Wars 2 account.

winauth

If You’re Away From Your Computer

Mobile apps are particularly useful because they run on a phone that you probably always have with you. if you’re away from your computer and need to log into one of your accounts, you won’t be able to do so without disabling two-factor authentication.

For most services, you can disable two-factor authentication as long as you have access to your email account – click a link in an email sent to you and you can log in without any special codes.

If you used one of these apps to secure your Google account and you can’t log into Gmail, this can be a problem. Google provides several ways of logging in if you don’t have a security code – you can have a security code sent by SMS to the cell phone number you provided on the two-factor authentication setup page. If you don’t have access to your mobile phone, you can enter one of the recovery codes you can print out from the two-factor authentication setup page. Each code is only valid once. Ensure you print out these keys and keep them somewhere safe – like your wallet – in case you ever lose access to your security keys and need to log in.

google-authenticator-backup-codes


Some services my also offer physical two-factor authentication tokens, such as Blizzard’s Battle.net Authenticator device. You may also find unofficial authenticator apps for other platforms, such as Authenticator for Windows Phone.

Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 11/18/12

Comments (8)

  1. jeorgekabbi

    can i buy a physical authenticator that i can attach to my key ring ?

  2. Dan

    Thanks, this is a great look at two-factor authentication.

  3. Steve S.

    Yea can we key a keyring authenticator for Google?

  4. Shawn

    Also, if you have a Windows 8 PC, you can download “Simple Authenticator” from the Windows Store for all your Google Authenticator needs

  5. Propy

    I’m not seeing that app in the Windows Store. Search comes up with nothing matching that name.

  6. Propy

    Was able to find it, actually named “Simply Authenticator”.

  7. Pandora

    Thanks for the article. We all need to be more proactive about our personal account security. To me Google is showing that they are concerned about security and that is why I prefer their services. I use Two-Factor Authentication across a lot of my accounts. I feel a lot more secure when I can telesign into my account. If you want to compete this is a prerequisite to any system that wants to promote itself as being secure.

  8. Ben

    Maybe I misunderstand, but doesn’t putting the authenticator within the browser itself completely defeat the purpose of having an authenticator anyway?

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!