Скачать winauth на русском


winauth/winauth: Authenticator for Battle.net / Steam / Guild Wars 2 / Glyph / Runescape / SWTOR / Bitcoin and digital currency exchanges

WinAuth is a portable, open-source Authenticator for Windows that provides counter or time-based RFC 6238 authenticators and common implementations, such as the Google Authenticator. WinAuth can be used with many Bitcoin trading websites as well as games, supporting Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm, Diablo), Guild Wars 2, Glyph (Rift and ArcheAge), WildStar, RuneScape, SWTOR and Steam.

Download Latest Beta Version

The latest beta version is WinAuth 3.6 and is available from the releases page. Please do not use this version unless you are testing new features.

This will likely be the last version of WinAuth when released as 3.7. It has reached the end of its useful life and requires a massive UI overhaul. My thanks to everyone who has used WinAuth, provided fixes and useful suggestions.

Download Latest Stable Version (WinAuth 3.5)

WinAuth provides an alternative solution to combine various two-factor authenticator services in one convenient place.

This is the latest stable version and can be downloaded from the releases page, or directly from:

Latest Version (WinAuth-3.5.1)

There is also a .Net 3.5 build of WinAuth that can be run on Windows 7 installations "out of the box".

Features include:

  • Support for time-based RFC 6238 authenticators (e.g. Google Authenticator) and HOTP counter-based authenticators
  • Supports Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm, Diablo III), GuildWars 2, Trion / Glyph (Rift, ArcheAge), RuneScape, WildStar, SWTOR and Steam
  • Supports Steam's SteamGuard and trading confirmations
  • Supports many Bitcoin trading websites such as Coinbase, Gemini, Circle, Bitstamp, BTC-e, Cryptsy
  • Displays multiple authenticators simultaneously
  • Codes displayed and refreshed automatically or on demand
  • Data is protected with your password, locked to Windows machine or account, or a YubiKey
  • Additional password protection per authenticator
  • Restore features for supported authenticators, e.g. Battle.net and Rift
  • Selection of standard or custom icons
  • Hot-key binding with standard or custom actions, such as code notification, keyboard input, and copy to clipboard
  • Portable mode preventing changes to other files or registry settings
  • Import and export in UriKeyFormat and from Authenticator Plus for Android
Updates
  • 3.5.1 - Issue#366: fix spamming notifications when Steam is down. Hide confim/cancel all buttons on login.

How To Use

Use the following link to download the latest version of WinAuth, or go to the Releases page.

Requires Microsoft .Net 4.5

To use:

  • Download the latest stable version of WinAuth
  • There is no installation required, just open the zip file and extract the WinAuth.exe file to anywhere on your computer
  • Double-click or run WinAuth.exe
  • Click the Add button to add or import an authenticator
  • Right-click any authenticator to bring up context menu
  • Click the icon on the right to show the current code, if auto-refresh is not enabled
  • Click cog/options icon for program options

To compile and build from source:

  • Download source code file or clone project
  • Requires Microsoft Visual Studio 2015
  • any other dependencies are included in the source tree in the 3rd Party folder
  • Use ILMerge to combine assemblies into one single exe file

New Features

Version 3.5 includes Steam trade confirmations.

If you registered SteamGuard with WinAuth 3.3.7 or earlier, you will need to remove it from your Steam account and add it again. This is because WinAuth 3.3 only kept information relevant to generating the SteamGuard authenticator codes, however, confirmations needs more information.

You can go into the normal Steam client, choose Account Details, then click "Manage Steam Guard". Click the Remove Authenticator button and enter the recovery code (aka revocation code - found from right-clicking in WinAuth).

Once the new authenticator is added, you will have an extra option when right-clicking called "Confirmations...". This will login with your username/password and show your current trade confirmations. You can click to view more details, and use the buttons to accept or reject them.

If you choose "remember me", WinAuth will keep you logged in (does not keep your username/password) so you can quickly go into Confirmations again.

COMMON QUESTIONS

Is it secure? Is it safe?

All authenticators just provide another layer of security. None are 100% effective.

A physical/keychain device is by far the best protection. Although still subject to any man-in-the-middle attack, there is no way to get at the secret key stored within it. If you are at all concerned, get one of these.

An iPhone app or app on a non-rooted Android device is also secure. There is no way to get at the secret key stored on the device, however, some apps provides way to export the key that could compromise your authenticator if you do not physically protect your phone. Also if those apps backup their data elsewhere, that data could be vulnerable.

A rooted-Android phone can have your secret key read off it by an app with access. Some apps also do not encrypt the keys and so this should be considered risky.

WinAuth stores you secret key in an encrypted file on your computer. Whilst it cannot therefore provide the same security as a separate physical device, as much as possible has been done to protect the key on your machine. As above, physical access to your machine would be the only way to compromise any authenticator.

I'm concerned this might be a virus / malware / keylogger

WinAuth has been around and used since mid-2010 and has been downloaded by thousands of users.

It has always been open-source allowing everyone to inspect and review the code. A binary is provided, but the source code is always released simultaneously so that you can review the code and build it yourself.

No personal information is sent out to any other 3rd party servers. It never even sees your account information, only your authenticator details.

There are no other executables installed on your machine. There is no installer doing things you are unable to monitor. WinAuth is portable so you can just run it from anywhere.

I found WinAuth on another website, is it the same thing?

WinAuth source code is uploaded to GitHub at http://github.com/winauth/winauth and pre-built binaries are in releases. It is not published anywhere else, so please do not download any other programs claiming to be WinAuth.

Where does WinAuth save my authenticator information?

Unlike some other authenticator applications, WinAuth does not store/send your information to any 3rd party servers. Your authenticator information is saved by default in your account roaming profile, i.e. c:\Users<username>\AppData\Roaming\WinAuth. However, this file can be moved anywhere and passed into WinAuth when run.

More Information

All trademarks are recognised, including but not limited to:

  • Blizzard, Battle.net, World of Warcraft, Starcraft, Diablo
  • ArenaNet, Guild Wars 2
  • Trion, Rift
  • Google
  • Microsoft
  • Steam

Author

WinAuth was written by Colin Mackie. Copyright (C) 2010-2017.

Bitcoin donations can be sent to 1C4bMkMATViiWYsmJSDUx2MruWM785C36Y

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

github.com

WinAuth Windows 2-factor Authentication app

WinAuth is a free open-source program for the Windows operating system that can be used to generate codes for various services offering 2-factor authentication.

2-factor authentication, sometimes also called 2-step verification, is an authentication scheme that adds a second verification step to authorization processes.

Companies started to add these options to improve account security. Basically, what it does when enabled is to require another code to be entered before access is granted.

This prevents many common attack forms such as phishing, brute forcing and even password dumping.

There are three core types of code generations for 2-factor authentication schemes: hardware-based, software-based, and remote-generation.

  • Hardware-based: usually come in form of a simple gadget that you sync with an account. Once synced, you press a button to generate a code.
  • Software-based: usually as an application that you install on a smartphone. Google Authenticator and Authy are two popular solutions, but there are more, and some companies have created their own authenticator application.
  • Remote Generation: requires a mobile phone, with codes arriving via SMS.

WinAuth

WinAuth has been designed as a free program for Windows to give Windows users a tool at hand that they can use to generate codes for several popular services.

The program supports — at the time of writing — Google, Microsoft, and the gaming services or games Battle.net, Steam, Guild Wars 2, Glyph, SWTOR, RuneScape, and WildStar. WinAuth supports any service that uses Google Authenticator, Microsoft Authenticator, or RFC 6284 based authentication.

Note: WinAuth requires the Microsoft .Net Framework but not installation.

The program displays a basic dialog on first start which you use to add services to the program. Click on the add button and select one of the listed services or the generic “authenticator” option from the menu that opens up.

The process is usually the same regardless of service, but it is only explained in detail for the listed services and not the generic option.

What you need to do usually is open the service on the web to start the 2-factor authentication setup. How that is done depends on the service in question. Generally speaking, you will get an email or SMS first to verify the setup, and need to copy a secret key that is displayed on the site into the WinAuth application.

Since it does not support the scanning of QR codes, it is a required step to make the program the code generator for the selected account.

You can then hit the verification button in WinAuth to generate a verification code that you entert on the service’s website to complete the sync process.

The program displays protection options once the syncing completes. You may protect the data using a custom password, or may use Windows account encryption to protect it so that it cannot be used on another computer, or even another user on the computer.

Last but not least, if you own a Yubikey device, you may use it for protection as well.

Once done, you will be asked to enter the code when you sign in to the service. Some services request a code all the time while others allow you to define a device as secure so that codes are requested only occasionally when you are using them.

When a code is requested open WinAuth to get the code that you need to complete the authentication process. Each generator can be set up to generate codes automatically when the program is open, or only on request.

As far as security is concerned, the developers have this to say:

All private authenticator data is encrypted with your own personal password, salted and enhanced with key strengthening to reduce the ability for brute force attacks. The data can also be protected using Windows in-built Data Protection API, which will “lock” the data to a single computer or account, making it completely unusable if copied to another computer.

WinAuth saves the data to c:Users<username>AppDataRoamingWinAuthwinauth.x by default

Closing Words

WinAuth is a handy program for Windows users who want to use 2-factor authentication without using a mobile device to do so. Doing so may limit mobility, but that may not be a requirement.

websetnet.com

Универсальный аутентификатор WinAuth для Steam, battle.net » Miped.ru

Столкнулся я с такой проблемой: у меня много аккаунтов Steam + есть аккаунты на других игровых платформах с привязанным аутентификатором. Использовать для каждой платформы официальное приложение генерации кодов не удобно, тем более при большом кол-ве аккаунтов. Я нашел отличную альтернативу. о которой я вам сейчас расскажу.

Речь пойдет о такой программе, как WinAuth. Эта программа генерирует коды двухэтапной аутентификации, имеет удобные средства для импорта под готовые сервисы и интуитивно понятный английский интерфейс.

Приступим к работе:1) Качаем программу с официального сайтаПосмотреть исходный код вы можете перейдя по ссылке.Кидаем ее в любое удобное место и запускаем, установки она не требует. 2) Добавляем аккаунт, для этого нажимаем на кнопку ADD и выбираем интересующий сервис

Я выбрал Steam.3) Нам дают на выбор 3 способа добавления аккаунта:Login - авторизация через Steam аккаунт, для использоания этого способа у вас не не должно быть подключенного аутентификатора.1) Выбираем вкладку "Login"2) Заполняем поля и нажимаем кнопку "Login"3) На вашу почту придет код, вводим его в поле и нажимаем "Continue"4) На ваш телефон придет код, вводим его в соответствующее поле.Ставим галочку в самом низу5) Нажимаем "Confirm". Ваш аккаунт успешно подключен.Import Android - импорт данных с вашего Android устройства (если у вас уже подключен аутентификатор на Android).1) Выбираем вкладку "Import Android"2) Переходим по указанному пути с вашего устройства3) Заходим в папку "shared prefs", открываем файл steam.uuid.xml4) Копируем с этого файла строчку:И вставляем ее сюда:5) Далее идем в папку "files", открываем файл вида "Steamguard-NNNNNNNN", где N - цифра.6) Копируем его содержимое в это поле:Нажимаем "ОК". Все, ваш аккаунт добавлен и генерирует коды.Import SDA - импорт со SteamDesktopAuthenticator.1) Выбираем вкладку "Import SDA"2) Нажимаем кнопку "Browse"и переходим в папку с установленным SDA\MaFiles. Выбираем файл "manifest.json".3) Вводим пароль (если SDA защищен паролем)4) Нажимаем кнопку "Load" и выбираем нужны аккаунт из спискаЖмем "ОК" - наш аккаунт добавлен.

Для примера я еще покажу подключение аккаунта Battle.net:1) Переходи на страницу подключения аутентификатора Battle.net2) Подтверждаем через почту (этап 1)3) Нажимаем "Далее" ничего не качая!

4) В WinAuth нажимаем ADD -> Battle.net -> Create authenticator5) Заполнить данные на сайте сгенерированными аутентификатором6) Нажимаем кнопку "ПРИКРЕПИТЬ БРЕЛОК БЕЗОПАСНОСТИ", а у winAuth "OK"Вы успешно добавили аккаунт в winAuth

Интерфейс интуитивно понятный, и вы можете легко подключить любой сервис, используя Google.

Теги: Steam

Категория: Steam / Полезные статьи

miped.ru

winauth/winauth: Authenticator for Battle.net / Steam / Guild Wars 2 / Glyph / Runescape / SWTOR / Bitcoin and digital currency exchanges

WinAuth is a portable, open-source Authenticator for Windows that provides counter or time-based RFC 6238 authenticators and common implementations, such as the Google Authenticator. WinAuth can be used with many Bitcoin trading websites as well as games, supporting Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm, Diablo), Guild Wars 2, Glyph (Rift and ArcheAge), WildStar, RuneScape, SWTOR and Steam.

Download Latest Beta Version

The latest beta version is WinAuth 3.6 and is available from the releases page. Please do not use this version unless you are testing new features.

This will likely be the last version of WinAuth when released as 3.7. It has reached the end of its useful life and requires a massive UI overhaul. My thanks to everyone who has used WinAuth, provided fixes and useful suggestions.

Download Latest Stable Version (WinAuth 3.5)

WinAuth provides an alternative solution to combine various two-factor authenticator services in one convenient place.

This is the latest stable version and can be downloaded from the releases page, or directly from:

Latest Version (WinAuth-3.5.1)

There is also a .Net 3.5 build of WinAuth that can be run on Windows 7 installations "out of the box".

Features include:

  • Support for time-based RFC 6238 authenticators (e.g. Google Authenticator) and HOTP counter-based authenticators
  • Supports Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm, Diablo III), GuildWars 2, Trion / Glyph (Rift, ArcheAge), RuneScape, WildStar, SWTOR and Steam
  • Supports Steam's SteamGuard and trading confirmations
  • Supports many Bitcoin trading websites such as Coinbase, Gemini, Circle, Bitstamp, BTC-e, Cryptsy
  • Displays multiple authenticators simultaneously
  • Codes displayed and refreshed automatically or on demand
  • Data is protected with your password, locked to Windows machine or account, or a YubiKey
  • Additional password protection per authenticator
  • Restore features for supported authenticators, e.g. Battle.net and Rift
  • Selection of standard or custom icons
  • Hot-key binding with standard or custom actions, such as code notification, keyboard input, and copy to clipboard
  • Portable mode preventing changes to other files or registry settings
  • Import and export in UriKeyFormat and from Authenticator Plus for Android
Updates
  • 3.5.1 - Issue#366: fix spamming notifications when Steam is down. Hide confim/cancel all buttons on login.

How To Use

Use the following link to download the latest version of WinAuth, or go to the Releases page.

Requires Microsoft .Net 4.5

To use:

  • Download the latest stable version of WinAuth
  • There is no installation required, just open the zip file and extract the WinAuth.exe file to anywhere on your computer
  • Double-click or run WinAuth.exe
  • Click the Add button to add or import an authenticator
  • Right-click any authenticator to bring up context menu
  • Click the icon on the right to show the current code, if auto-refresh is not enabled
  • Click cog/options icon for program options

To compile and build from source:

  • Download source code file or clone project
  • Requires Microsoft Visual Studio 2015
  • any other dependencies are included in the source tree in the 3rd Party folder
  • Use ILMerge to combine assemblies into one single exe file

New Features

Version 3.5 includes Steam trade confirmations.

If you registered SteamGuard with WinAuth 3.3.7 or earlier, you will need to remove it from your Steam account and add it again. This is because WinAuth 3.3 only kept information relevant to generating the SteamGuard authenticator codes, however, confirmations needs more information.

You can go into the normal Steam client, choose Account Details, then click "Manage Steam Guard". Click the Remove Authenticator button and enter the recovery code (aka revocation code - found from right-clicking in WinAuth).

Once the new authenticator is added, you will have an extra option when right-clicking called "Confirmations...". This will login with your username/password and show your current trade confirmations. You can click to view more details, and use the buttons to accept or reject them.

If you choose "remember me", WinAuth will keep you logged in (does not keep your username/password) so you can quickly go into Confirmations again.

COMMON QUESTIONS

Is it secure? Is it safe?

All authenticators just provide another layer of security. None are 100% effective.

A physical/keychain device is by far the best protection. Although still subject to any man-in-the-middle attack, there is no way to get at the secret key stored within it. If you are at all concerned, get one of these.

An iPhone app or app on a non-rooted Android device is also secure. There is no way to get at the secret key stored on the device, however, some apps provides way to export the key that could compromise your authenticator if you do not physically protect your phone. Also if those apps backup their data elsewhere, that data could be vulnerable.

A rooted-Android phone can have your secret key read off it by an app with access. Some apps also do not encrypt the keys and so this should be considered risky.

WinAuth stores you secret key in an encrypted file on your computer. Whilst it cannot therefore provide the same security as a separate physical device, as much as possible has been done to protect the key on your machine. As above, physical access to your machine would be the only way to compromise any authenticator.

I'm concerned this might be a virus / malware / keylogger

WinAuth has been around and used since mid-2010 and has been downloaded by thousands of users.

It has always been open-source allowing everyone to inspect and review the code. A binary is provided, but the source code is always released simultaneously so that you can review the code and build it yourself.

No personal information is sent out to any other 3rd party servers. It never even sees your account information, only your authenticator details.

There are no other executables installed on your machine. There is no installer doing things you are unable to monitor. WinAuth is portable so you can just run it from anywhere.

I found WinAuth on another website, is it the same thing?

WinAuth source code is uploaded to GitHub at http://github.com/winauth/winauth and pre-built binaries are in releases. It is not published anywhere else, so please do not download any other programs claiming to be WinAuth.

Where does WinAuth save my authenticator information?

Unlike some other authenticator applications, WinAuth does not store/send your information to any 3rd party servers. Your authenticator information is saved by default in your account roaming profile, i.e. c:\Users<username>\AppData\Roaming\WinAuth. However, this file can be moved anywhere and passed into WinAuth when run.

More Information

All trademarks are recognised, including but not limited to:

  • Blizzard, Battle.net, World of Warcraft, Starcraft, Diablo
  • ArenaNet, Guild Wars 2
  • Trion, Rift
  • Google
  • Microsoft
  • Steam

Author

WinAuth was written by Colin Mackie. Copyright (C) 2010-2017.

Bitcoin donations can be sent to 1C4bMkMATViiWYsmJSDUx2MruWM785C36Y

License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

winauth.com

WinAuth v1.5.1116: Battle.net - Pocket PC (Windows Mobile, Windows CE). Qtek Loox iPAQ Axim i-Mate T-Mobile HTC Mitac pocketpc E-Ten Windows Mobile, 5.0, Pocket PC, ...

 
Battle.net
:
: 3663
-       : 2       +          
:

: : 

:12.10.2010:30.08.2011

:

Colin Mackiecode.google.com/u/@UhRWQ...

:   Pocket PC:

ARM Windows Mobile 6.0

 :: 0, : 0, : 1, : 5, : 746

:

WinAuth Battle.net.

 

.

 

 
 
,

, - , ,

  , , , , , - Pocket PC Windows Mobile. , , , , PDA.

, (). . , (freeware) .

www.ladoshki.com

WinAuth Windows 2-factor Authentication app

WinAuth is a free open-source program for the Windows operating system that can be used to generate codes for various services offering 2-factor authentication.

2-factor authentication, sometimes also called 2-step verification, is an authentication scheme that adds a second verification step to authorization processes.

Companies started to add these options to improve account security. Basically, what it does when enabled is to require another code to be entered before access is granted.

This prevents many common attack forms such as phishing, brute forcing and even password dumping.

There are three core types of code generations for 2-factor authentication schemes: hardware-based, software-based, and remote-generation.

  • Hardware-based: usually come in form of a simple gadget that you sync with an account. Once synced, you press a button to generate a code.
  • Software-based: usually as an application that you install on a smartphone. Google Authenticator and Authy are two popular solutions, but there are more, and some companies have created their own authenticator application.
  • Remote Generation: requires a mobile phone, with codes arriving via SMS.

WinAuth

WinAuth has been designed as a free program for Windows to give Windows users a tool at hand that they can use to generate codes for several popular services.

The program supports — at the time of writing — Google, Microsoft, and the gaming services or games Battle.net, Steam, Guild Wars 2, Glyph, SWTOR, RuneScape, and WildStar. WinAuth supports any service that uses Google Authenticator, Microsoft Authenticator, or RFC 6284 based authentication.

Note: WinAuth requires the Microsoft .Net Framework but not installation.

The program displays a basic dialog on first start which you use to add services to the program. Click on the add button and select one of the listed services or the generic “authenticator” option from the menu that opens up.

The process is usually the same regardless of service, but it is only explained in detail for the listed services and not the generic option.

What you need to do usually is open the service on the web to start the 2-factor authentication setup. How that is done depends on the service in question. Generally speaking, you will get an email or SMS first to verify the setup, and need to copy a secret key that is displayed on the site into the WinAuth application.

Since it does not support the scanning of QR codes, it is a required step to make the program the code generator for the selected account.

You can then hit the verification button in WinAuth to generate a verification code that you entert on the service’s website to complete the sync process.

The program displays protection options once the syncing completes. You may protect the data using a custom password, or may use Windows account encryption to protect it so that it cannot be used on another computer, or even another user on the computer.

Last but not least, if you own a Yubikey device, you may use it for protection as well.

Once done, you will be asked to enter the code when you sign in to the service. Some services request a code all the time while others allow you to define a device as secure so that codes are requested only occasionally when you are using them.

When a code is requested open WinAuth to get the code that you need to complete the authentication process. Each generator can be set up to generate codes automatically when the program is open, or only on request.

As far as security is concerned, the developers have this to say:

All private authenticator data is encrypted with your own personal password, salted and enhanced with key strengthening to reduce the ability for brute force attacks. The data can also be protected using Windows in-built Data Protection API, which will “lock” the data to a single computer or account, making it completely unusable if copied to another computer.

WinAuth saves the data to c:Users<username>AppDataRoamingWinAuthwinauth.x by default

Closing Words

WinAuth is a handy program for Windows users who want to use 2-factor authentication without using a mobile device to do so. Doing so may limit mobility, but that may not be a requirement.

websetnet.com


Смотрите также