Difference between revisions of "Google Authenticator"
m (1 revision imported) |
|
(No difference)
|
Latest revision as of 12:52, 11 May 2017
Contents
Overview
Google Authenticator supports the use of OATH HOTP such as used with the Swivel Token, and software tokens with a valid Seed can be used to authenticate Swivel users. Google Authenticator uses HMAC-SHA1 seeds.
Currently Swivel is not compatible with the Authenticator Time Based OATH TOTP token as Swivel tokens use a 30 second refresh, and Google Authenticator uses a 60 second refresh.
Prerequisites
Swivel 3.9.6
Google Authenticator
Configure the Swivel User
For configuring the seeds on the Swivel server see Token. Configuring a software token is similar to configuring a hardware token.
Swivel uses a Hexadecimal seed, to generate a valid seed see seed.
Configure the Google Authenticator App
Convert the Hexadecimal seed ((A-Z, 0-9) into Base32 (A-Z, 2-7 and = for padding), for Google. Google enforces a minimum seed length of 16 characters or 80-bits. The following online tool can be used for converting the seed:
http://www.darkfader.net/toolbox/convert/
Example:
Base16 seed: e0b10ee3a4bb2598c0575539529f33 (used by Swivel)
Base 32 seed: 4CYQ5Y5EXMSZRQCXKU4VFHZT (used by Google Authenticator)
Download the Google Authenticator from the appropriate app store.
On the Google Authenticator App select Set up account, then Enter key provided
Enter account name The Swivel user name
Enter your key The seed
Time-based change to Counter-based
Select Add
Then synchronise the token (see Token)