What is it?

Google Two Factor Authentication is a token based authentication scheme. A token is used as a second authentication method in addition to a password. The token generator is available for free for various mobile OSes like IOS (IPhone, IPod, IPad), Android and BlackBerry. Google uses this technique on its own servers for optionally securing access to Google accounts. However, the underlying algorithm is freely available, so you can use it for your own applications.

What is GAuthServer?

GAuthServer is a library for your Java based application server for generating valid keys (including QR codes) and for validating authentication. GAuthServer is licensed under GPL. If you need a version which is suitable for integration in commercial products or you need any assistance in integrating GAuthServer into your authentication workflow, please contact us.

How can I try?

Please follow the instructions on our demo page.

This is controlled by Google, how secure is it?

The complete authentication workflow is offline. No connection to any Google servers (or even the internet) is needed, neither on the server nor the client side. The underlying algorithm is open and has been verfied by independent experts. Unlike with RSA SecurId™, you can completely control key generation on your own.