Google authenticator and Gmail iOS app rubbish

I have two-step authentication turned on for my Google account. If you don’t know what that is, whenever you log in to the Gmail web interface it is set up to send me a code via SMS which I then also have to enter. Applications (e.g. my Mail app on my laptop) use a “one time password” facility. This is all very neat and much more secure than most other methods.

Recently I discovered there is an app that I can install on my phone which acts in place of the SMS generator. It’s a bit like those RSA security token things that people might be familiar with – once a minute it generates a new code. When you set it up on your phone you enable it in your Google account and then the process prompts you to use the app to take a picture of a 2-D barcode that’s generated on the web page’s screen. I guess that seeds the code generation in the app.

I also use the Google Gmail application on my phone sometimes because it’s much better at searching my mail archive than the built-in Apple Mail App on the iPhone (which never has the full archive of emails, anyway).

Yesterday I upgraded to the new iPhone 5. It’s fine. Gmail is not. The process of setting up the authenticator again required me to temporarily disable two-step authentication entirely for a minute or so, re-enable it, and re-enable the Google Authenticator app.

Oh and now I have to log back in to the Gmail app on my phone. Here is a fresh hell. Talk about a UX disaster from Google. Now I’ve got to switch back and forth between the two apps. You can’t copy the code the Authenticator generates. I have to wait until it generates a fresh code (for maximum life span of the code), memorise it, then switch back to the Gmail app, type the code into the tiny field the Gmail app gives for it, check the minuscule “remember this computer” checkbox, press the dainty enter button, all before the bloody code expires. And it’s hard. If you get it wrong, or you aren’t quick enough, you have to repeat the process, only this time you also have to backspace over the old code, because it’s still in the input field (the “remember this computer” checkbox conveniently unchecks itself, however).

I mean, this royally sucks. Now I have a headache. After about 5 attempts at this it looked like I finally got it all done in time, but the Gmail app, I think, has locked me out. It became unresponsive. Force killing it and trying to log back in just seems to make the app lock up. I can’t determine if it’s the app locking me out for security reasons, or some other sort of failure. People lambast Apple for all sorts of trivial things but Google turns out shit like this and it’s ok?

Fail, Google, fail.

2 Comments

  1. Jason wrote:

    I prefer to create a “per application” password for Gmail on my Android phone. You can do similar for the iOS Gmail app. This way you only set the password once, and tell the phone to remember it.
    Is it less secure? Not really, because if your phone is stolen, the thief has access to your Authenticator app anyway.
    In the case of a stolen phone, if you quickly manage to log in to the Gmail website separately then you revoke both the 2-factor auth + the per-application password.

    Thursday, December 20, 2012 at 22:49 | Permalink
  2. Scot Mcphee wrote:

    I *do* use the per-app password. But for the old Gmail application on the iPhone, it’s a web application really. And web logins don’t use the per-app password, just the two-factor one. The default Apple iOS Mail app, on the other hand, uses a per-app password (just as the OSX Mail.app has to, and a web login does not).

    If my iPhone is stolen, they’d have to get through the screen lock. And if it’s on and connected to cellular or wireless networks, I can remote erase it (after I tell it to tell me where it is). Most iPhones are of course stolen and wiped for re-sale, rather than stolen for data theft reasons.

    Thursday, December 20, 2012 at 23:31 | Permalink