How to use Google Authenticator with Remote Desktop

Estimated reading: 5 minutes 405 views

Google Authenticator is an authenticator app that provides an extra layer of security to help protect your online accounts and devices. As a part of a Two-Factor Authentication (2FA) process, it requires a user to provide two pieces of information to access an account – something the user knows (like a login credential or password) and something the user has (like a mobile device with the Google Authenticator app installed). In this article, we’ll discuss the benefits of setting up Google Authenticator with Remote Desktop and provide step-by-step instructions on how to enable it. We’ll also explore other options for Two-Factor and Multi-Factor Authentication (MFA) for Remote Desktop Services (RDS) and summarize the benefits of using Google Authenticator with Remote Desktop.

Google Authenticator: What it is and how it works

Google Authenticator is a mobile application you can install on your mobile device to enable Two-Factor Authentication (2FA) logins to your accounts. This authenticator app helps protect your online accounts and devices from malicious actors. Google Authenticators generates One-Time Passwords (OTPs), which users can use in addition to their passwords to verify their identities.

Google Authenticator is an application developed by Google that is available for Android and iOS devices. The application uses a technology known as Time-Based One-Time Password (TOTP) Algorithm to generate unique passwords every 30 seconds. This security measure helps protect users from phishing attacks, as each generated code is only valid for 30 seconds.

Registering Google Authenticator for Two-Factor Authentication (2FA) can be done by scanning the setup QR code. Once you have done this, you will need to enter the 6-digit code from the Google Authenticator application. After that, you will be able to log in to your Remote Desktop account using both your username and password as well as the 6-digit code from the Google Authenticator application.

Image showing scanning a QR code

When they log in to an account, the user is first prompted for their password.

Image showing the first step of MFA login to Remote Desktop using Google Authenticator

Then, the user will be prompted for the second factor. The second authentication factor could be a code sent via SMS, an Email Link, a Mobile Push notification, or a WebAuthn/U2F Security Key. But Google Authenticator does not support any of these authentication methods. Instead, Google Authenticator generates a 6-digit code. The application integrated with Google Authenticator prompts the user to enter the 6-digit code from the app. This code is then verified to ensure that the user is who they say they are.

After providing the correct TOTP code from the Google Authenticator mobile app, the user gets logged in to Remote Desktop.

Image showing a successfully established Remote Desktop (RDP) connection after completing MFA using Google Authenticator

Can you use Google Authenticator with RDP?

Yes, it is possible to use Google Authenticator with RDP. It is an excellent way to help secure your connection and provide an extra layer of security to your system. All you need to do is download the Google Authenticator application, set up an account, and then enter the 6-digit code each time you are prompted to log into your Remote Desktop account.

How to Set Up Google Authenticator for 2-Factor Authentication (2FA)?

There are lots of ways by which you can set up two-factor authentication in your Microsoft Windows RDP but only a few work. So here in this guide, I will show you guys how to set up 2-factor authentication on your Windows Remote desktop. Also, this software is free for 15 days after that you have to purchase it.
Setting up Google Authenticator for 2-Factor Authentication (2FA) can be done in a few simple steps. First, you must download the Google Authenticator application on your device.

  • You open App Authenticator and proceed to Scan the QR code displayed on your VPS.
    • Google Play Link:  Here
    • Link Appstore:  Here
    • Chrome Link Extensions:  Here
      With Chrome you can save QRcode images. Then scan or import at: chrome-extension://bhghoamapcdpbohphigoooaddinpkbai/view/import.html?QrImport

When scanning the above QR code, we will receive a 6-digit code, these 6 digits will continuously change after 30 seconds.

Configure SSH Two Factor Authentication on Ubuntu 22.04

Next, Download Rohos: https://www.rohos.com/
After downloading and installing, you will get the interface as shown below:
Configure SSH Two Factor Authentication on Ubuntu 22.04
Next, select options -> Google authentication and select OK
Configure SSH Two Factor Authentication on Ubuntu 22.04Configure SSH Two Factor Authentication on Ubuntu 22.04
Next step click on Setup OTP token section and select Display QR code in the Google authentication section to save the QR code
Configure SSH Two Factor Authentication on Ubuntu 22.04
Next, open the Google Authenticator application on your mobile device and set up an account by scanning the QR code that appears on the Rublon Prompt displayed on your Remote Desktop login page.
With Chrome you can save QRcode images. Then scan or import at: chrome-extension://bhghoamapcdpbohphigoooaddinpkbai/view/import.html?QrImport

Image showing how to enroll the Google Authenticator app for Remote Desktop MFA logins

Next, we click on the Learn More section and fill in the question information in the Setup Emergency Logon section, and click OK
Image showing how to enroll the Google Authenticator app for Remote Desktop MFA loginsImage showing how to enroll the Google Authenticator app for Remote Desktop MFA logins
Then we move to the Options section, select Active screensaver and For any user as shown below:
Image showing how to enroll the Google Authenticator app for Remote Desktop MFA logins
Then restart your VPS (RDP), you will need to enter the 6-digit code from the Google Authenticator application into your Remote Desktop login page to authenticate your identity.

Once you have done this, you will be able to use 2FA with your Remote Desktop account during each login.