Elcomsoft Cloud Explorer 1.31 Features New Authentication Engine, Makes Use of Authentication Tokens

Elcomsoft Cloud Explorer 1.31 makes a number of important changes under the hood. The new authentication engine becomes significantly more future-proof by making use of phone-specific protocols as opposed to extracting information via browser-based services. In addition, the new release caches token-based authentication credentials with full 2FA support, and fixes the issue of failing SMS downloads for the latest Android O Preview running on Google Pixel devices.

Elcomsoft Cloud Explorer 1.31 implements a number of under-the-hood changes to its authentication and downloading engine. The new engine is now based on phone-specific protocols, offering robust usage experience and getting more future-proof compared to the browser-based implementation used in previous builds.

The new authentication engine is built on top of Google’s proprietary communication protocol, and is no longer based on HTTP-based extraction. On the one hand, this new authentication engine becomes significantly more future proof to any changes implemented by Google. On the other hand, users may experience the need to enter two-factor authentication codes twice when acquiring Dashboard data.

The reason behind developing a new authentication engine was to offer a more robust performance as Google makes changes to their protocols. Below is the full list of changes in user experience resulting from the use of the new authentication engine.

  • Elcomsoft Cloud Explorer now caches authentication credentials (including two-factor authentication) in a token. Subsequent acquisitions will no longer require re-authentication.
  • If acquiring Dashboard data for accounts with two-factor authentication, the secondary code will be requested twice.
  • Dashboard data will not be accessible for token-based sign-ins using cached credentials.
  • Account owner may receive an email notification from Google once Elcomsoft Cloud Explorer authenticates into the account using the login and password. Subsequent sessions authenticated with a token will not trigger this notification.

In addition, the new release fixes the SMS downloading issue with the new Android O Developer Preview running on Google Pixel devices.

Mais