2-Factor Authentication - page 4. | Bitcointalksearch.org

Rhinoboy11

jr. member

Activity: 224

Merit: 2

Quote from: ABCbits on January 13, 2018, 01:10:40 PM

I think no since Google Authenticator works offline and even if you only add the authentication key only with vague description/name. Unless they upload your keys and description along with google account you use on your smartphone.

i wish we didn't have to use them anyways.

SmokerFace

sr. member

Activity: 958

Merit: 265

Quote from: charlotte04 on January 31, 2018, 03:05:35 AM

Quote from: botany on January 13, 2018, 06:28:34 AM

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

I am really scared about this. What if I lost my phone? How would I recover my authentication codes? Is there any possibilities I could recover them?

Every Exchange websites has a feature that when you turn on the 2FA authenticator on your account they will give you a Secret Key and Qr Code of your google authenticator even you'd lost your phone you can easily turn off or change your 2FA Secret Key by using another android device that's why before you use 2FA save the Qr code and Secret key of your account into another device so once it will lost you're not be afraid to get hacked Wink

thr3

member

Activity: 77

Merit: 13

Google Authenticator is device specific - I believe if you lose your device, it will be a pain to convince sites that you own the account, plus there are no backups

Authy - an account based authentication and supports backups (has google authenticator built in if I am not mistaken) but if this company gets hacked (or Lastpass), hackers will have a field day

stantpro

full member

Activity: 280

Merit: 101

Google authentication is an independent security feature for
your personal protection.If you invoked google authentication
from your device, it shall never be linked to any third party site
or software except if you are hacked from your own device.
More so, if the third-party software or site integrated google authentication
as a security feature to access the resources, then it is the third party's
bid which automatically has a link with google authentication process
prior to your subscription.

puwaha

sr. member

Activity: 700

Merit: 294

Quote from: Welsh on January 14, 2018, 07:23:27 AM

The main reason why I wouldn't use Google authenticator or Authy is because it's not open source. There's open source alternatives which have been mentioned above which are simply better. Before you say Google authenticator is open source, the app which you download on the store is not.

There's a very good reason why authenticator apps are not open source. You don't want someone to figure out or reverse engineer the algorithms they use to generate the codes.

RSA has been doing 2FA for a very long time. They are considered bulletproof in the enterprise market... they don't publish their code either... for the same reason.

You are more likely to get your account hacked on an exchange where they can turn off 2FA or convince support to reset it for the hacker's 2FA authenticator app.

1C6fV5DtakfKANLJ8GUV7hCaA

full member

Activity: 462

Merit: 104

Crypto Marketer For Whales

Not at all. The keys are the only ones that has been preloaded into the app and Google's servers. No personal account info is stored.

tora

member

Activity: 532

Merit: 13

I do not have a mobile and google authenticator does not work on my laptop. I use gauth for 2fa.

online73

full member

Activity: 644

Merit: 101

Ecowatt.io

Quote from: ManaMan on January 26, 2018, 10:29:16 AM

If you do care about privacy first things first you wouldn't be using apps provided by google itself. Although I think google authentication is okay, I guess you don;t still know what it can do in the background. You probably have some old mobile phone so I'll advise you to use that offline without connecting to the internet so you use that particular phone only for 2FA.

This eliminates the risks of somebody even compromising your phone and getting access to your 2FA codes and other stuff as most people like to keep their mails + 2FA on same phone and other information which can be a nightmare if somebody compromised your phone. We all know that mobile phones are somewhat first target for hackers as all of us have them and keep sensitive information in them, that's why I'll advise you to have separate mobile phone for 2FA only, if you don't have any old smartphone you can order some china phones for like 50bucks or even less they are able to run 2FA offline, all you need.

Totally agree with you, At the moment, every day a huge probability of your hacking. I have allocated a separate phone for 2FA. I do not know all the technical subtleties, but I consider this to be the most correct action. Every day, burglars are advancing in various tricks on the theft of various information and money, but a separate phone, without various online games and the like - this should be the elementary rule of security.

charlotte04

full member

Activity: 504

Merit: 102

Quote from: botany on January 13, 2018, 06:28:34 AM

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

I am really scared about this. What if I lost my phone? How would I recover my authentication codes? Is there any possibilities I could recover them?

alkhie01

full member

Activity: 378

Merit: 103

I think there is no problem using 2fa authenticator because its connected in your phone and its working even your not online.For me google authenticator really helps a lot to secure your accounts.

xwshamim

sr. member

Activity: 467

Merit: 251

https://t.me/xwshamim

No, how far i know nobody else can use it or any apps can use its if any body knows your password but don't know the authentication code he cant do anything to your account .and if you have your phone you have access if not then you have the backup key to back up your account .its very safe that is what i know about 2fa . and i m also a 2fa user .not had any problems like this yet

tbct_mt2

hero member

Activity: 2366

Merit: 838

Quote from: botany on January 13, 2018, 06:28:34 AM

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

I think it will be safe and secured if you always keep your phone offline, out of Internet connections. No-one, no hackers can trace your activities and your 2FA codes.

ManaMan

member

Activity: 238

Merit: 38

Quote from: 99th on January 26, 2018, 10:35:40 AM

Quote from: botany on January 13, 2018, 06:28:34 AM

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

John Macafee got hacked from using 2FA. It gave the hackers the ability to recover his phone number. Read about it by googling it. I never liked the idea of it anyways because of a few reasons. I have turned it off since Macafee's hack back in December.

Read my previous posts... that's why I outline that you have to have another phone which will be offline all the time. Security issue here is if an attacker gain control over your phone and you keep everything together on your smartphone. If you are lodged in to many accounts + have 2FA, when an attacker gets to your phone it is game over as everything is on one device.

John, himself, was attacked due to him saying coins of the week and therefore pumping them across multiple exchanges which as a result made him good target.

99th

member

Activity: 196

Merit: 22

Las Vegas

Quote from: botany on January 13, 2018, 06:28:34 AM

Is there any loss of privacy while using 2 Factor authentication?
If you use Google Authenticator on an android phone (where essentially you have linked your google id), to authenticate the login of a third party website, can google link your google id with the credentials of the third party website?

John Macafee got hacked from using 2FA. It gave the hackers the ability to recover his phone number. Read about it by googling it. I never liked the idea of it anyways because of a few reasons. I have turned it off since Macafee's hack back in December.

ManaMan

member

Activity: 238

Merit: 38

If you do care about privacy first things first you wouldn't be using apps provided by google itself. Although I think google authentication is okay, I guess you don;t still know what it can do in the background. You probably have some old mobile phone so I'll advise you to use that offline without connecting to the internet so you use that particular phone only for 2FA.

This eliminates the risks of somebody even compromising your phone and getting access to your 2FA codes and other stuff as most people like to keep their mails + 2FA on same phone and other information which can be a nightmare if somebody compromised your phone. We all know that mobile phones are somewhat first target for hackers as all of us have them and keep sensitive information in them, that's why I'll advise you to have separate mobile phone for 2FA only, if you don't have any old smartphone you can order some china phones for like 50bucks or even less they are able to run 2FA offline, all you need.

Ralph1075

newbie

Activity: 211

Merit: 0

Since Google authentication operates offline ,providing best securities for most websites like Binance and others, you will be provided with a private key when registering for any Google authenticated website which is meant to be guarded with care.

LeGaulois

copper member

Activity: 2940

Merit: 4101

Top Crypto Casino

Quote from: markkeian on January 22, 2018, 01:06:52 AM

i have been using Google authenticator since then and im not having any issue with it,but if u worry u can always enaable email verification ror additional security.
And make sure u disable your 2fa authentication once you think of selling ur mobiles.It happens to me i forgot to disable 2fa and sell my mobile.Glad i was able to fix it by sending ticket to support.

The main topic we've been talking is about the privacy, enable email verification isn't going to help it

Quote from: TonyMark on January 20, 2018, 12:45:46 AM

There is no harm with 2-factor authentication. It is just used for our security purpose. In fact, those accounts integrate with 2FA they are trustworthy and more secure. If you are doing some transaction on the trading or exchange platform then 2FA is essential for our security purpose.

In my opinion, giving our privacy shouldn't be the price of our security but taking it back is.

Quote

In the digital age individuals may exercise the right to privacy by giving some part of information voluntarily but cannot be forced to do The right to privacy is a part of right to liberty

markkeian

full member

Activity: 508

Merit: 101

EXMR

i have been using Google authenticator since then and im not having any issue with it,but if u worry u can always enaable email verification ror additional security.
And make sure u disable your 2fa authentication once you think of selling ur mobiles.It happens to me i forgot to disable 2fa and sell my mobile.Glad i was able to fix it by sending ticket to support.

ViceOfBTC21

sr. member

Activity: 438

Merit: 266

Quote from: TonyMark on January 20, 2018, 12:45:46 AM

There is no harm with 2-factor authentication. It is just used for our security purpose. In fact, those accounts integrate with 2FA they are trustworthy and more secure. If you are doing some transaction on the trading or exchange platform then 2FA is essential for our security purpose.

I disagree. There is a privacy harm. They know your mobile number. I know you can buy cheap old Nokia only for 2FA purposes, but in most countries (including mine) you must register your phone number. Of course you can buy registered prepaid SIM on blackmarket, but I don't condone this unless paying fine is better than losing your trading capital. Just use complicated password for exchange and wallet and you will be fine.

TonyMark

member

Activity: 135

Merit: 11

There is no harm with 2-factor authentication. It is just used for our security purpose. In fact, those accounts integrate with 2FA they are trustworthy and more secure. If you are doing some transaction on the trading or exchange platform then 2FA is essential for our security purpose.

Topic: 2-Factor Authentication - page 4. (Read 1754 times)