Large companies typically have a Single Sign-on (SSO) solution so their employees can leverage one web login (or even their PC login) and not need to remember all their application passwords. Most browsers today offer this service and many third party plugins have taken over this space. You can also leverage oauth based logins via Facebook, Twitter and other social sites. I’ve chosen to do this write up on Google because of the added security through 2-step verification.
Google 2 Step Setup
This setup is quite a process. The easy part is turning on 2 step auth. Afterwards, either use SMS messages to get your PIN or download the Google Authenticator app from the Android Market or Apple App Store. This app syncs to your account and generates a PIN on demand.
Follow the steps outlined by Google here for Setup – https://support.google.com/accounts/bin/topic.py?hl=en&topic=1099588&parent=28786&ctx=topic
Follow these steps for the Google Authenticator App – https://support.google.com/accounts/bin/answer.py?hl=en&answer=1066447&topic=1099586&ctx=topic
The next step is to setup Application-specific passwords for all those client side apps (Outlook, Chrome, Android, iOS, etc) you have connected to Google as they don’t support two step auth. Google will generate a random key which you will use for specific client apps. Some apps will prompt you to first login to Google, then use the Application-specific password, watch for this during login. Once you’ve used the Application-specific password you can no longer see it, only revoke it. If revoked you’ll need to go through that applications setup again.
Follow these steps for Application-specific passwords – https://support.google.com/accounts/bin/answer.py?hl=en&answer=185833&topic=1099586&ctx=topic
Chrome needs an Application-specific password so grab that first. Open up Chrome, click the “Settings” wrench and hit the Sign in menu item and your good to go. You can have Chrome store your passwords and form fill information. Using Chrome Sync you can encrypt your data via your Google password. This allows it to be stored in your Google account and synced to other Chrome installs and Android 4.0 or Ice Cream Sandwich (ICS).
When it works this is awesome. You can sync your bookmarks as an option once you add your Google account to the smartphone. This will keep your ICS Browser in sync with your Chrome Sync data.
Bookmark have been a headache a couple times with the sync breaking. This results in having to turn off sync on ICS, all Chrome browsers, and delete content from the Google dashboard. Overall this can take 45 minutes due to the delay in deletion and re sync.
- On ICS under Accounts, edit your Google account and uncheck Sync Browser
- Sign out of all your Chrome instances
- In the Google Dashboard under Chrome Sync, click “Stop sync and delete data from Google”. You’ll need to wait about 15 minutes here
- Enable the Sync Browser option on Android first (this has worked best in my experience) and give that a chance to sync
- Log in to your Chrome browser again (you’ll need to get a new Application-specific password for 2-step verification)
Chrome Beta on Android
This is new so I’m still trying to discern the difference between the ICS browser integration and Chrome Beta. I suspect they are the same and Chrome Beta is for non ICS devices.