Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Google Authenticator is a TOTP client as far as I know, and it can transfer codes to third party clients without problems.

The point of my rant was that with modern day Google, TOTP authentication is not enough.



last time I checked (two years ago), Google Authenticator made it horribly complicated to export TOTPs managed by it. It took me an evening and many unsuccessful attempts to get my 10 or so Google Authenticator-managed TOTPs in a format that I was able to import into other open source solutions (eg Authy Authenticator Android app, KeePassX Linux application).

I don't care if things have changed, it was a shit experience. I highly suggest to stay away from the Google Authenticator lock-in danger.


Google Authenticator, like the Microsoft Authenticator, goes beyond mere TOTP and if you use that (or it's required by Google) then you need an app that can receive a push notification as part of the 2FA. This is the part that would screw up a lot of the consulting work I'm doing with client Google accounts because it would mean getting a separate installed instance of Google Authenticator for each account.


You're confusing Google device prompts and Authenticator. The latter is indeed a mere TOTP client.

By the way I'm pretty sure the prompts work with as many Google/Workspace accounts as you want.


Is there any way to disable the device prompt on my Android phone and Tablet? I'd prefer to go directly to the TOTP code entry as the first item.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: