For a variety of reasons, I find Duo Security’s offering a much better solution for multi-factor authentication. Having said that, if you object to the ease of use, robust user management, and a slew of other things that Duo does and Google Authenticator doesn’t, I’ll pretend to understand.
Also, seriously, if you use iOS you should be aware that the Google Authenticator application is hideous (though functional). I’d recommend using Authy’s app and service for TOTP tokenized logins, and also point out that the Duo Security app can have TOTP tokens too. The only reason I don’t use that feature is because I blow up my phone enough that having my Google Apps, Cloudflare, App.net, Dropbox and other tokens in an account with Authy is much more convenient.
Did I mention that using Duo Security with WordPress, Remote Desktop, RADIUS, most VPN servers and SSH means that my iPhone floats me a push notification when I login to any of my systems I’ve provisioned for it and it also tells me the source address of the connection? That includes ipv6 addresses, you big nerd.
Good news, everyone! Twitter has released a multi-factor authentication service, so while your bank is wide open for business to anyone that steals your password, at least nobody will send a Tweet using your Twitter Machine or buy virtual goods and services in Azeroth! Hallelujah.
That’s weird, you don’t look delighted.