Et tu, Google?
Sep. 10th, 2014 03:11 pmIt is said that using a properly configured VPN provides a pretty good defense against public wifi hotspots that play nogoodnik with connected computers. This is done by creating an encrypted channel between your computer and "the world" (as seen from the other end of the channel), where said channel is proof against eavesdropping. A side-effect of this is that your computer's apparent IP address (as viewed by the world) is actually one from a pool of such addresses the VPN provided uses to provide its service.
My previous experience with VPNs had uncovered one major flaw, at least as far as Gmail was concerned. If you check in from a new IP address (as happened when I logged in for the first time after arriving in Kazakhstan last year), then any attempt by mail software (such as Thunderbird) to connect to the Gmail servers is rebuffed, and if memory serves, I had to fire up the browser and log into Gmail "manually" to confirm I was really me.
This gets old fast, especially if you move around a lot.
I didn't notice when Google introduced two-factor authentication, but they did. Enabling this feature means that—as I've configured it—any time I log into my account with my password, I get sent an SMS with a code, which also must be entered to gain access to my account.
If I was snoozing when Gmail's two-factor authentication made its appearance, I was utterly unconscious when Google introduced a feature that becomes available once you enable two-factor authentication. This feature essentially consists of individual passwords for separate devices running mail software (such as your phone, tablet, etc.). It's something of a pain to implement if you access Gmail from more than one or two devices, but among other things, this feature turns out to be the solution to the "suspicious login" problem associated with using VPNs. Now I can traipse around the world with my laptop and hit Gmail through Thunderbird on Montaigne and never hear a peep from Google about suspicious login attempts.
So of course, I'm thrilled as anything (not!) to hear that 5 million Google accounts have had their passwords compromised, because if this means having to "change my password," I'm going to have to kiss a chunk of time goodbye to do this.
Then again, the way the system has been set up, I should not be at risk, as anyone who does have my password would have to find a way around the second factor. That said, I recall the variant of Murphy's Law that goes "There is always a way," so I shall keep alert on this front and see how the situation develops.
My previous experience with VPNs had uncovered one major flaw, at least as far as Gmail was concerned. If you check in from a new IP address (as happened when I logged in for the first time after arriving in Kazakhstan last year), then any attempt by mail software (such as Thunderbird) to connect to the Gmail servers is rebuffed, and if memory serves, I had to fire up the browser and log into Gmail "manually" to confirm I was really me.
This gets old fast, especially if you move around a lot.
I didn't notice when Google introduced two-factor authentication, but they did. Enabling this feature means that—as I've configured it—any time I log into my account with my password, I get sent an SMS with a code, which also must be entered to gain access to my account.
If I was snoozing when Gmail's two-factor authentication made its appearance, I was utterly unconscious when Google introduced a feature that becomes available once you enable two-factor authentication. This feature essentially consists of individual passwords for separate devices running mail software (such as your phone, tablet, etc.). It's something of a pain to implement if you access Gmail from more than one or two devices, but among other things, this feature turns out to be the solution to the "suspicious login" problem associated with using VPNs. Now I can traipse around the world with my laptop and hit Gmail through Thunderbird on Montaigne and never hear a peep from Google about suspicious login attempts.
So of course, I'm thrilled as anything (not!) to hear that 5 million Google accounts have had their passwords compromised, because if this means having to "change my password," I'm going to have to kiss a chunk of time goodbye to do this.
Then again, the way the system has been set up, I should not be at risk, as anyone who does have my password would have to find a way around the second factor. That said, I recall the variant of Murphy's Law that goes "There is always a way," so I shall keep alert on this front and see how the situation develops.