TIMESQUARE is an LED matrix watch, sold by Adafruit in kit form. It has an ATmega328 chip inside, which is interesting, because it means it is programmable using the Arduino IDE. That opens up several possibilities. You could design your own watch faces or you could extend lunchtime by an extra 12 minutes every day. I thought it would be cool to turn my watch into a 2-step authentication token for my Google account.
If you enabled 2-step authentication on your Google account (which you should definitely do, BTW), you know the way it works is you have an app on your phone called Google Authenticator that displays six-digit codes that change every 30 seconds. When you log in, you enter the currently displayed code in addition to your password. That way when bad people get a hold of your password, they still cannot use your account, because they don’t have the code. (BTW, this isn’t specific to Google accounts, the authentication scheme is described in RFC 6238 and is used by other services like Dropbox and LastPass. You can even set it up so that your own servers ask you for a code when you ssh into them.)
Where do the codes come from? When you set up 2-step authentication, the service (for example Google) gives you a secret that is then stored in the app (it’s usually done through a QR code so that you don’t have to type in long sequences of numbers). The app generates codes by taking the secret together with current time and performing some cryptographic operations on them (mostly the SHA-1 hash function). There’s no reason we can’t do the same on our TIMESQUARE watch and indeed someone has already implemented the algorithm on Arduino. I took that implementation and put it as another display mode on the watch, showing the six-digit code using the marquee effect normally used to display time.
Join us every Wednesday night at 8pm ET for Ask an Engineer!
No comments yet.
Sorry, the comment form is closed at this time.