2 Factor Authentication w/ Encrypted Backup and Device Sync - Bye Bye Google Authenticator
View this post on Hive: 2 Factor Authentication w/ Encrypted Backup and Device Sync - Bye Bye Google Authenticator
View this post on Hive: 2 Factor Authentication w/ Encrypted Backup and Device Sync - Bye Bye Google Authenticator
I am looking forward to FIDO being more popular since 2FA has the flaw that both sides need to keep the seed code encrypted and secure. There has been cases where the website did a poor job with this security.
FIDO uses a different process that supposedly eliminates this problem. Alas i do not know the tech behind it.
FIDO doesn't work on mobile, so you wouldn't be able to login to any sites using it while on your phone.
Well that sucks. Thanks for the info.
the more the improvement of the system more the security and more headache
2FA is really quite the revelation in privacy settings, but it seems like it's still early days for it. Most people still don't use it, and I started using it no longer than a year ago or so. When it works, it works, but when unusual things happen it can get messy. I don't think Google will let itself become obsolete in anything, but I wouldn't be surprised if they made big changes to their authenticator to keep up with better ideas.
I agree.
Got rid of using Google authenticator when i lost access to a crypto exchange account because i didn't save the seed key. Switched to Authy 2fa Authenticator ever since then and can't even dream of going back to google Aunthenticator because of the backup and sync feature it lacks.
Will give this 1password a trial. I just hope it has enough features to make me switch from Authy. 😁
the recovery option is sms text message to new phone with same number, get a new sim from phone provider and works fine
i guess it is not available to all users idk
Nice contribution. I haven't tried the 2FA function in 1Pass yet.
I don't quite understand your statement at the end where you say that cell phones are bad 2FA devices.
In the case of 1Pass, if I understand correctly, both factors are secured in one place.
I use Authy myself and I am very satisfied with it.
In any case better than Google Authenticator :)
If sms is used as second factor, someone can call your mobile company and pretend to need a copy of the sim and they will sometimes get it. At that point they can get all your sms messages.
Yes that is right. Social Engeneering is an often used attack vector.
But I don’t think Authy can be restored only with sms. If this is so there is no need for Authy at all.
As you might know, some providers send the auth code via SMS instead of using a 2FA application. In theory, if you're planning to attack a single person, it's shockingly easy to call the provider and gain access to the SIM card. This technique is called "Social Engineering" and is actually pretty effective.
Google Authenticator and competitors use an encryption key which is shared with the device via the QR code you're scanning at initial setup. Therefore, the code is unique and device-bound, so there is no way for an attacker to gain access to it (unless he gets access to your device).
acá toca guardar la clave secreta de cada sitio para la configuración de 2FA.
This is a nice one from a frd and a boss. U have thought me something i will never have knew in just a second about google authenticator , i have it on my phone but i never knew. May the good Lord bless you @themarkymark
Thanks a lot my frd and my boss @themarkymark ur information as make me ro follow u knowing the benefit of knowledge i will gain from you. Stay cool and be blessed
2 Factor Authentication is one of the least utilized security measures we can employ. This is another layer of protection which will circumvent your information from getting hacked. Thanks for the share.
interesting information. But, I think Google is not going to become obsolete.