You can now use authenticator apps to keep your GOG account secure!
-
This post did not contain any content.
-
This post did not contain any content.
Thanks, immediately went to set it up. No issues. Also works properly in combination with keepassxc's TOTP feature.
-
This post did not contain any content.
It's about time!
-
This post did not contain any content.
Thanks for this. Long overdue from GOG.
-
This post did not contain any content.
Now when will Steam do this?
-
Now when will Steam do this?
They do. Just not 3rd party.
-
Now when will Steam do this?
What does GOG's 2FA do that Steam's 2FA doesn't?
-
What does GOG's 2FA do that Steam's 2FA doesn't?
wrote last edited by [email protected]At a glance (haven't enabled yet, will later today), GoG uses the RFC standard TOTP model. This means you can use whatever app you want whether that is the google authenticator that ties it to your cloud account, something related to your password manager (e.g. keepass or bitwarden), or even just a python script you have in a random directory. It gives you control of your 2FA and protects you in the event you lose a device without properly de-authenticating it.
Valve use their own model that, to my knowledge, is only accessible through the Steam mobile app. Which is a huge nightmare if you ever have a device stolen/damaged (and is why you back up the recovery code)
Just enabled. Yup, bog standard TOTP and they even provide the plaintext key so that I don't have to extract it from a QR code.
-
What does GOG's 2FA do that Steam's 2FA doesn't?
Unless I’m missing something, Steam only does code to email 2FA, not an actual TOTP app
-
What does GOG's 2FA do that Steam's 2FA doesn't?
wrote last edited by [email protected]It
presumablyworks with a normal TOTP app.E: confirmed it works
-
Unless I’m missing something, Steam only does code to email 2FA, not an actual TOTP app
They have TOTP but only in their app.
-
They have TOTP but only in their app.
So effectively, they don’t do what GOG is doing.
-
So effectively, they don’t do what GOG is doing.
Not exactly, no
-
This post did not contain any content.wrote last edited by [email protected]
2FA (Time-based One-Time Password) login
Gog, how are you even securing accounts?
You mean securing access to accounts through 3rd party TOTP, which again, isn't sessioning access authenticatively. We already invented that. -
It
presumablyworks with a normal TOTP app.E: confirmed it works
Steam works with a normal TOTP app for me, hell, it works with two normal TOTP apps for me
-
Unless I’m missing something, Steam only does code to email 2FA, not an actual TOTP app
Steam works with a normal TOTP app for me, hell, it works with two normal TOTP apps for me
-
Steam works with a normal TOTP app for me, hell, it works with two normal TOTP apps for me
Teach a brother how? I swear I couldn’t find it anywhere in the account settings.
-
Now when will Steam do this?
Idk why people think they cant add steam, i have it in my Aegis app.
-
Steam works with a normal TOTP app for me, hell, it works with two normal TOTP apps for me
I'm pretty sure it doesn't but I'll bite: How did you set that up?
-
Teach a brother how? I swear I couldn’t find it anywhere in the account settings.
wrote last edited by [email protected]I don't quite remember how to get the TOTP secret from the Steam app (they could in fact take notes from GOG here), iirc you have to extract it from the Android app via adb;
but once you have it, if this GitHub comment is correct you simply have to set the code size to 5 digits.If your phone has a rooted Android install, I found this guide.
... I swear when I did it, it wasn't this hard ._.
