23
One-time passwords are so called because of their generation algorithm. In addition to the private key, the
one-time password counter is also used here. Each time the password will differ from the previous one. The
counters on both sides must be synchronized: if at least one password is missed, they will not be the same and
the algorithm will be broken. Another convenient option for one-time password generation can be
synchronization by time. In this case, the generation algorithm does not use the counter, but the current time.
With time synchronization between the devices, you always get the same passwords on both sides. According
to RFC 6238 standards, the time is rounded up to the nearest 30 seconds: for example, every 30 seconds your
one-time password will change.
Hideez Key uses the second option: synchronization by time. Time synchronization between the key fob and
the computer / smartphone occurs when a connection is established between them. In order to work
properly, you need to set the correct time on your PC, otherwise it will not coincide with the time on the
server that checks the OTP and the passwords will not match.
You can add the OTP secret key to any account in the password manager window.
The following information shows how to use Hideez Key for Google two-factor authentication (TWA).
• Go to your account security settings https://accounts.google.com/b/0/SmsAuthConfig
• Turn on TWA for your account (corporate clients may need corporate admin confirmation).
• Google may ask for your mobile number. Input it and put in the special code received from Google
via SMS.
• Choose “Get codes via our mobile app instead”, and check “Android”.
• In the “Set up Google Authenticator” dialog click on the link “Can't scan the barcode?” and find
the 32-symbol secret key shown in the form of text.
• Copy the secret key into the clipboard.
• Open your Password manager entry, click “Enter secret OTP key”, paste the copied data and save
the changes.
• After that, open the browser and click OK to complete the settings. Google will immediately ask
you to enter a one-time password to be sure that you have configured everything properly. Press
the key combination to enter the OTP (the default is Control + Alt + O). A one-time password will
be created in the key fob and will be entered in the input field. Before it checks the OTP, the
secret key will not be applied and the two-factor authentication will be turned off.
Note: Each new secret code generation on the Google web-service makes the previous code invalid, so you
need to install the private key on all the devices simultaneously, e.g. Hideez Key and Google Authenticator on
your smartphone.
9.6. Backup and Recovery of the User Data
Hideez Key contains 72 KB of user memory and can store thousands of passwords, logins, keys and other
information. To prevent losing this data, Hideez Safe can backup and restore user data.
The backup file should be kept on local PC/tablet storage only. The file is encrypted by your My Hideez
password according to AES-256.
The file name contains the *.hb extension. It includes the device name as well as the date and time of last
modification of data in the key fob memory.
To recover the file, you need to enter the password manually. Please note, if you change your account
password, you will need to enter the password that was used when the backup was created.
To Next Page
Loading...