Tag Archives: Security

Backup Google Authenticator Database

Two factor authentication is great – I wish everything would use it.   My personal 2FA (specifically TOTP)  mobile app is Google Authenticator.  It allows you to scan a barcode, or manually enter a 2FA initilization token, and gives you a nice display of all of your stored 2FA tokens, with a great countdown of the token’s expiration.  However, it does have one critical flaw feature:  You can’t export your accounts.

Let me re-state that:  Your 2FA tokens are locked away in your mobile device.  Without the device, you’re locked out of your accounts (Hopefully you created backup codes).  If your device becomes inoperable, good luck!

However, if you have root access to your device, you can grab the Google Authenticator database and stow it away for safe keeping by grabbing it from the following location on your phone:

/data/data/com.google.android.apps.authenticator2/

If you have ADB enabled, you can just run the following command:

 adb pull /data/data/com.google.android.apps.authenticator2 

Keep this information very secure, as it can be used to generate 2FA codes for all of your accounts!

SQL AlwaysOn Availability Group User Accounts

When creating SQL 2014 AlwaysOn Availability Groups, careful attention is required when provisioning the logins on each member server.

While the databases may contain user accounts for the appropriate members, the cluster member servers may not contain login information for said users. This can result in a seemingly “happy” fail over cluster (according to the dashboard in SQL Server Management Studio), but upon fail over, much pain will occur.

From a 10,000 foot view, the Logins on each server need to have the same SID, Username, and Password.

More detail (along with a script to rectify any “on-noes” that may have occurred in your environment): https://support.microsoft.com/en-us/kb/918992

This page contains some best practices for avoiding the described issue: https://aalamrangi.wordpress.com/2015/02/09/avoid-orphan-users-in-alwayson/