Results 1 to 2 of 2
  1.    #1  
    Perhaps I'm missing something obvious here, but it seems to me that GAuth has a bit of a security hole...

    Clicking on an account displays the "key" in clear text. This key should be kept secret, and probably never displayed after it's been entered.

    By comparison, the Google App doesn't allow an existing account to be modified at all (other than Renaming it) which means that it never displays the key.
  2. #2  
    Ah, this is a good point - I didn't realize Google's app doesn't do this. I'll look into removing this...
    My apps: FlightPredictor, LJ for WebOS (LiveJournal client), We the People, Private Browser, GAuth (Google two-factor authenticator), BoardGameGeek, PasswordHash

Posting Permissions