One of my favorite exchanges has revamped and they implementing a very annoying safety feature: kicking me out of the trading page every inactive 30 minutes. The result is I have to now login10 + times a day just to login to check prices or to trade. This means I have to input 2FA code from my Google Authenticator every time to login too. Together with the stupid frequent ReCaptcha verification, every login now takes me at least 30 seconds.
There is nothing I can do with the ReCaptcha as that is one of the system design, but I can simplify the 2FA process.
The method is to export credentials of Google Authenticator to the chrome extension Authenticator.
Use this trick if:
- You did not backup the specific app's credentials (the barcode or manual entry code) when you setting up 2FA with that app.
- You want to get the 2FA code on a computer instead of phone.
- You are using Google Authenticator on an android device.
- Your device must be rooted.
In the rooted phone, use a root file explorer to get
/data/data/com.google.android.apps.authenticator2/databases/databasesand copy it to the computer.
In computer, use Notepad++ to open the
You will see lots of "null" characters but skip it all to the bottom of the file, where you see readable text like below and the red part is your credential key.
Copy the credential key and insert into Authenticator extension.
Authenticator -> Edit button -> Plus button -> Munual Entry
Now you can copy the time-based access code using just a click.
The 2FA credential is crucial for the security obviously, that's why you should not store this information in any plain text form. Encrypt it and store it somewhere offline like the USB thumbdrive. The next time you switch your phone or even lost it, you can easily recover the access code. With root access, you can also use the Titanium Backup app to backup Google Authenticator with the credential.
You should also start backing up the credential whenever you setting up a new 2FA login for a service.
- 想从电脑上快速获取 2FA 密码的人。
- 当初没有备份某个服务生成 credentials 的人。
Google authenticator 必须运行在安卓手机上。
谁拥有用于密码生成的 credential 就可以生成 2FA access code 登入特定的服务，所以一定做好保护功夫。永远不要保存在纯文字格式。