Jump to content
ATX Community

Having a backup Authenticator on your desktop!

orst88

By orst88
in General Chat

 Share

Recommended Posts

orst88

orst88

Posted
Posted

 

After losing a few more hairs, I’m sharing this because I KNOW this will be helpful to at least those with first-time authenticator experience.  IMO, this desktop authenticator could as well be your only authenticator.  

image.png.12868d3de54bf5fc2a5d96276e7761f1.png

#5 should read: “You can BOTH:”  
Because I did not save the long string of characters the first time, I needed to start anew.
After selecting ‘Manage Admin Authentication’, I entered the ATX registration code and my existing password, clicked ‘pair device’, and, of necessity, created a new Authenticator account on my phone app (I used Microsoft Authenticator) this time also copying the long alphanumeric value...(I received an ATX shutdown error message which I simply closed and ignored) then pasted that value into Notepad (one could use Word).
THEN…
I found a simple desktop authenticator called Authme.  
Authme is a simple, cross-platform two-factor (2FA) authenticator app for desktop. It allows you to manage your 2FA codes directly from your computer, making it convenient to access and use them without needing your phone.
I entered: https://authme.levminer.com into my desktop browser search bar and downloaded.  It even placed a shortcut on the desktop!  Once open, I clicked on the import icon, then the ‘Setup a key’ button. Required 2 entries: Name (ATX 2024 or such), and the long alphanumeric value which I saved. (I entered an email address in the third field not aware it was optional) Clicked ‘Confirm”. Done!!!!  Beer time.

  • Like 2
Abby Normal

Abby Normal

Posted
Posted
30 minutes ago, orst88 said:

#5 should read: “You can BOTH:”

No because you can't have two different authenticator setups. The last one you do will be the only one that works.

But I do agree that a desktop authenticator is superior to a phone based one because you can copy/paste the 6 digit code into ATX.

  • Like 1
jklcpa

jklcpa

Posted
Posted
18 minutes ago, Abby Normal said:

No because you can't have two different authenticator setups. The last one you do will be the only one that works.

But I do agree that a desktop authenticator is superior to a phone based one because you can copy/paste the 6 digit code into ATX.

More convenient and maybe OK for a desktop, but isn't it somewhat less secure to have it on the same machine if that machine is compromised.  I also see this setup as less secure on a laptop that travels with the preparer. If the laptop is lost or stolen, the MFA is there on the same machine as the tax software, or whatever program or internet site the MFA is protecting.

  • Like 2
Abby Normal

Abby Normal

Posted
Posted

It probably is less secure, especially if you put a shortcut to your authenticator on your desktop, but any hacker would also need to break your ATX password, and 3 wrong guesses would lock them out and require a password reset, so I'm not worried about it.

orst88

orst88

Posted
  • Author
Posted
1 hour ago, Abby Normal said:

No because you can't have two different authenticator setups. The last one you do will be the only one that works.

Oh but I can!  Both the phone and desktop authenticator codes are mirror images of one another.  I accessed ATX both ways.  I wouldn't have offered this up had it not worked...

And in my case no one to be compromised by as it's just me, myself and I.   

jklcpa

jklcpa

Posted
Posted
22 minutes ago, Abby Normal said:

It probably is less secure, especially if you put a shortcut to your authenticator on your desktop, but any hacker would also need to break your ATX password, and 3 wrong guesses would lock them out and require a password reset, so I'm not worried about it.

True.

19 minutes ago, orst88 said:

And in my case no one to be compromised by as it's just me, myself and I.   

I agree. One thing I'd wish for is if we could get rid of the program timing out and requiring us to log in again.

  • Like 3
Abby Normal

Abby Normal

Posted
Posted
2 hours ago, orst88 said:

Oh but I can!  Both the phone and desktop authenticator codes are mirror images of one another.  I accessed ATX both ways.  I wouldn't have offered this up had it not worked...

And in my case no one to be compromised by as it's just me, myself and I.   

I'm surprised that works. So you can use either authenticator and they both show the same code at the same time?

  • Like 1
Slippery Pencil

Slippery Pencil

Posted
Posted
4 hours ago, jklcpa said:

isn't it somewhat less secure to have it on the same machine

I use a browser based authenticator.  It completely eliminates the 2F aspect of this.  One of many reasons these laws are asinine. 

  • Like 4
Margaret CPA in OH

Margaret CPA in OH

Posted
Posted

My old phone died and I had to rush to get a new one.  I have the authenticator on the phone for a few reasons.  I called support for help to renew (or whatever the term would be) access for the program and payroll.  Although I was on hold for probably 30 minutes, the tech was very helpful and knowledgeable.  I have the authenticator on my desktop now and am quite happy to not have to scramble to find my phone every time to access the software.  I didn't expect to prefer this option.

  • Like 2
  • Thanks 1
TexTaxToo

TexTaxToo

Posted
Posted
16 hours ago, Abby Normal said:

I'm surprised that works. So you can use either authenticator and they both show the same code at the same time?

Authenticators are implemented with a hashing algorithm.  They simply hash a "secret code" with a counter derived from the current time to get the 6-digit passcode.  The "secret code" is obtained from the QR code or the equivalent string when you setup a site.  Any authenticator initialized with that code will produce the same passcode at the same time.  It doesn't even need to be connected to the internet as long as the clock is accurate.

For those technically inclined, you can google or wiki TOTP (time-based one time password) for details.

For that reason, you should treat the "secret codes" with care, as anyone who has them can set up an authenticator to mimic yours.  Pasting them into a Word document named "Authenticator codes" is probably not a good idea. 

 

  • Like 4
  • Thanks 1
orst88

orst88

Posted
  • Author
Posted
20 hours ago, Abby Normal said:

 So you can use either authenticator and they both show the same code at the same time?

Yes.  Mirror codes, to the second (as long as internal clocks are identical).  My original intent was to simply have some standby authenticator available in the event my cellphone went to zero or worse.

Everyone will have differing security concerns.  If not on the same computer, then maybe on another. (possibly snaping a photo of the QRCode and installing on a second cellphone?)  As long as there's a backup plan.  In my case - now knowing I have one gives me calm.

Enjoy tax season, all!

  • Like 1
orst88

orst88

Posted
  • Author
Posted

2 seconds off? Then there should be a 6.66...% (2/30ths) chance you won't get into your program in any given attempt! 

TexTaxToo might have something to say about that!!

TexTaxToo

TexTaxToo

Posted
Posted
19 hours ago, orst88 said:

TexTaxToo might have something to say about that!!

Most sites or applications will accept passcodes from within some window of the current time (maybe the ones before and after as well as the current one).  After all, it takes some time to type the code in and there may be network delay.  But it is also a requirement that the same passcode not be accepted twice (so if you for some reason get logged out immediately, you might have to wait 30 seconds to get a new one to log back in).

  • Like 2
  • Thanks 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...