
Please allow your APIs to bypass 2 factor authentication – Mint and Paypal, I’m talking to you!

I use and love Mint. I use and love my Paypal security key. However, I cannot use the two together. Either I use Mint without my Paypal details (undesirable) or I lower the security on my Paypal account by deactivating my security key (undesirable).

Two-factor authentication (TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two different kinds of evidence that someone is who they say they are.

[Source, Wikipedia]

What is desirable is the ability to authorize certain applications to bypass 2 factor authentication in the same way that Google Accounts allows me to bypass their 2 factor authentication for applications that I trust. So, I should be able to go into my Paypal settings and say “trust Mint without 2 factor authentication” and it would assign a key (guid, long string of characters, whatever) specifically for Mint that effectively would be Mint’s password into my Paypal account.

To make this work would require cooperation between Mint and Paypal, of course. To see this in practice, go to Google Accounts, turn on 2 factor authentication, then set up Gmail on an iPhone, Blackberry or Android. There’s the model.

See also: Google’s Getting started with 2-step verification for a demonstration of application specific passwords.
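The per-application key model described above, as an added example that is not code from Paypal, Mint or Google. The `Account` class, its method names and the `otp_check` callback standing in for the security key are all hypothetical; the point is that the app key is random, stored only as a hash, valid for one labelled application, and revocable without touching the password or the second factor.

```python
import hashlib
import hmac
import secrets


class Account:
    """Constructed model: a 2FA-protected human login plus per-app keys.
    All names are hypothetical, not any provider's real API."""

    def __init__(self, password: str, otp_check):
        self._salt = secrets.token_bytes(16)
        self._pw = self._kdf(password)
        self._otp_check = otp_check   # callable(code) -> bool, stands in for the security key
        self._app_keys = {}           # app label -> SHA-256 digest of the issued key

    def _kdf(self, password: str) -> bytes:
        # Slow hash for the human-chosen password.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 200_000)

    def issue_app_key(self, label: str) -> str:
        """Create a high-entropy key for one application; returned once, stored hashed."""
        key = secrets.token_urlsafe(32)
        self._app_keys[label] = hashlib.sha256(key.encode()).digest()
        return key

    def revoke_app_key(self, label: str) -> None:
        """Cut off one application without changing the password or 2FA."""
        self._app_keys.pop(label, None)

    def interactive_login(self, password: str, otp: str) -> bool:
        """Human login: password AND second factor are both required."""
        ok_pw = hmac.compare_digest(self._kdf(password), self._pw)
        return ok_pw and bool(self._otp_check(otp))

    def app_login(self, label: str, key: str) -> bool:
        """Application login: the per-app key alone, no second factor."""
        stored = self._app_keys.get(label)
        if stored is None:
            return False
        candidate = hashlib.sha256(key.encode()).digest()
        return hmac.compare_digest(candidate, stored)
```

Because the key skips the second factor, it is only as safe as the application holding it, which is why per-application issuance and revocation matter.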
