10
1
I'm setting up Two-Factor Authentication for our small office that will be used to log in to the corporate web site. The TFA is used via the Google Authenticator app that works great, except for a situation when a person doesn't own a smartphone.
So I was curious, can we buy a stand-alone hardware device (i.e. dongle) that could work as a Google Authenticator app?
MikeF
Posted 2014-12-31T11:14:12.190
Reputation: 518
2
You can use Protectimus Slim mini hardware tokens. These are programmable NFC TOTP tokens offered by Protectimus Solutions LLP - the company where I work. You can add the Google Authenticator seed in such token with the help of a special app and an Android smartphone supporting NFC, and it will replace the app.
Anna Korobkyna
Posted 2014-12-31T11:14:12.190
Reputation: 29
1
Three potential possibilities:
Are you securing Google Apps or Gmail?, if so you can phone authentication only as per support.
In addition to Google Authenticator you can opt for hardware key based authentication like YubiKey.
Switch out Google Authenticator for alternative that will support phone call, SMS and app based authentication like DuoSecurity.
fswings
Posted 2014-12-31T11:14:12.190
Reputation: 666
2
Sorry, have to downvote because of your suggestion number 3. Phone call or SMS/text is a terribly insecure way of TFA. DO NOT USE IT!
– MikeF – 2017-10-26T02:44:53.5431Thanks @MikeF, however using the facts of today to down vote an answer provided more than 2 years ago is a bit unfair. – fswings – 2017-10-26T18:05:30.413
Secondly, the answer is still valid (ie DuoSecurity) as you get to choose which mechanism you want to use so er just disable phone and SMS – fswings – 2017-10-26T18:06:22.853
1It's usually called "2FA" – Attie – 2017-11-09T12:29:29.003