Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes, can someone explain why Google Chrome doesn't support 2FA on the desktop or iOS? It's bizarre.

(Well, I suppose it's tragically normal. I'm sure there is a corporate directive that says every Google service must support 2FA, but Chrome has an exception so they don't need to do it yet.)



Dunno about iOS, but Chrome does on the desktop; it asks you for an application-specific password when you turn on sync.


OK, but it should be asking your for an authenticator code instead. It uses this bizarre "normal password + app specific password" requirement that isn't used anywhere else.


Your data is encrypted with the normal password, so it needs it to decrypt the sync data. The App-specific password is used to log in to the server to GET the sync data in the first place.


So again, why not have the authenticator instead of the app password?


I don't think your information is up to date. I have definitely been asked for a verification code when logging into Chrome 22. And yes, I mean the kind of code generated by the Google Authenticator app, not an app specific password.


I just logged out and back in to test this.. still get prompted for an app password. It's good to see they're rolling it out, though!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: