Monday, November 28, 2011

Google's 2-step verification is (almost) the spawn of Satan - iPhone upgrade edition

Two months ago I decided Google's 2-step verification was an incomplete mess unsuitable for use by non-geeks.

Today I decided it's the spawn of Satan.

This is what happens if you refresh an iPhone running Authenticator - either a new phone or restore from backup

  1. Restore iPhone from backup
  2. Authenticator settings gone
  3. Per directions to account page for 2-step verification settings.
  4. Discover, despite 30 day authorization, my computer wants authenticator token today.
  5. Fortunately, I have my old phone. That works.
  6. Realize that there's no support for authenticating a new phone. Ok, I'll just turn off the iPhone ...
  7. Get the QR code. That works ... but
  8. All the friggin' application specific passwords are gone -- all revoked.

Do you know how friggin' long it takes to enter all those application specific passwords across multiple machines and operating systems?! Can I scream now?!

Friends don't let friends use 2-step verification.

Update: A few minutes later and, for now. I see my (not) application-specific passwords and they still seem to work. So only almost the spawn of Satan. Google needs a workflow to support migrating from one iPhone to another.

See also:


No comments: